Over a year ago, near the start of the pandemic, I wrote a blog post about the importance of cybersecurity insurance amid the uptick of hacking and cyber ransom attacks on corporations of all sizes. I spoke then about how the Black Swan disruption of COVID had driven so much of global business online, which in turn gave hackers, fraudsters, and thieves across the globe a heightened opportunity to unleash their arsenals and exploit any weakness. I would love to be able to say that we have since turned a corner, but I can’t.
2020 saw more claims in cyber ransom than any year before it, and 2021 is on track to beat that dubious record handily. With the added economic strain of the pandemic, I know of numerous companies that have never been able to recover from such attacks, and the cyber insurance markets have begun to take notice of the endless financial drain that hackers pose. Some insurance carriers have pulled back their limits or removed ransomware coverage from their policies altogether.
In answer to the above question: YES, cybersecurity insurance has never been so necessary and worth it, BUT the need to closely review and understand your policy is just as vital as having coverage in the first place. One of my international clients has already had to contend with and recover from two ransomware attacks this year. A technology company where a close friend of mine works suffered a cyber ransom attack while carrying a cyber insurance policy that didn’t cover cyber extortion. No one had read the fine print on which types of attacks were covered, and the company has now lost 50% of its client base and is still struggling to recover a full year later.
Cyber insurance carriers have also become wary of what type of cybersecurity systems companies have in place before writing a policy, noting that some software systems, like SolarWinds Orion and certain Microsoft products, are far more prone to attacks than others. Prior to writing a policy, carriers are requiring multi-factor authentication protocols and scoring security measures, with premiums dependent on a company’s score.
Steps that need to be taken:
- Implement Multi-Factor Authentication (MFA) on all VPN connections.
- Sensitive data should be encrypted on all devices.
- Regularly apply the latest software patches and security configurations to VPNs, network infrastructure devices, and devices used to connect remotely.
- Alert ALL employees to an expected increase in phishing attempts and require regular/automated password change protocols.
- IT security personnel should ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery.
- Communicate to your whole team how to report security incidents, phishing, malware, and other cybersecurity concerns.
- Employees should be cut off from online access as soon as they leave the company.
Unfortunately, in our globally connected and increasingly online-dependent work life, the ever-present threat of cyber attacks is the new normal. Putting our heads in the sand and hoping for the best is no longer an option. Only rigorous cybersecurity hygiene, with robust insurance coverage to support it, can provide the relative peace of mind that every business needs to do its best work.
If you have questions about your cybersecurity system or cyber insurance policy, don’t hesitate to reach out for a consultation.