Most businesses are either still not buying cyber insurance cover or, if they do, are not buying enough to cover last year's median ransom demand, according to a new survey by BlackBerry and Corvus Insurance.
The survey report reveals that businesses in the US are increasingly concerned about how they will meet ransomware demands. Only 19% of those surveyed have ransomware coverage limits above $600,000, while over half (59%) hoped the government would cover the damages when future attacks are linked to other nation-states. According to a press release by BlackBerry and Corvus, small-to-medium-sized businesses (SMBs) have become a favourite criminal target – and are especially feeling the heat.
The survey report found that, of the businesses with under 1,500 employees, only 14% have a coverage limit in excess of $600,000. A recent Forrester report estimated that a typical data breach would cost the average organization $2.4m to investigate and recover from. Perhaps unsurprisingly, 50% of SMB respondents hoped the government would increase financial aid in all ransomware incidents.
BlackBerry executive vice president and CTO, cyber security, Shishir Singh said, “Not only are there more ransomware threats than ever, but the criminals are more ruthless. They will iterate threats and wait patiently in order to extract maximum damage.”
Mr. Singh said, “For the uninsured and underinsured organizations, this potentially puts them in extreme jeopardy. The cyber underground is increasingly sharing learnings and partnering to make threats as efficient as possible. It’s vital businesses strengthen their security posture against these threats by supplementing insurance with a prevention-first software approach that lowers their overall risk.”
According to the report, the cyber security coverage of many businesses is poorly tailored to their current situation. Over one-third (37%) of respondents aren’t currently covered for any ransomware payment demands, while 43% aren’t covered for auxiliary costs such as court fees or employee downtime.
The report also highlighted that, in addition to the cyber insurance gap, it has become harder to purchase cyber insurance due to increased software requirements placed by insurance brokers. Over one-third (34%) of respondents have been denied coverage due to not meeting specific endpoint detection and response (EDR) software requirements. These increased requirements, however, may be having a real impact on reducing ransom payouts.
Corvus Insurance CTO Vincent Weafer said, “Continuing to adhere to software requirements is one of the best ways to fight the ransomware industry.”
He said, “In our portfolio alone, we’ve seen a 50% reduction in the ratio of ransom demands that end up being paid. Better software adoption is a critical element in better positioning organizations to stand up to attackers.”