Is Cyber ​​Insurance an Invitation to Cybercriminals?

There is no question about it. Cybercrime can be a very lucrative career choice — if you don’t mind participating in illegal activity or the possibility of getting arrested. Unfortunately with the growth in Ransomware as a Service (RaaS) and the breadth of the cybercrime ecosystemthe challenge is not going away anytime soon.

As ransomware attacks and cybercrime have skyrocketed over the past few years, some organizations are feeling compelled to purchase cyber insurance, which is designed to cover the costs resulting from a successful cyberattack. A cyber insurance policy coverage usually includes costs related to the remediation process, such as paying for the investigation, crisis communication, legal services, and refunds to customers.

Cyber ​​insurance can save victims of cybercrime and help prevent bankruptcy. That’s the good news. The bad news is that those with cyber insurance could be painting a big target on their backs. Why? Because anecdotal evidence suggests that cybercriminals are quite adept at finding out which organizations have cyber insurance. This is helpful to them because they know that insured organizations are more likely to pay a ransom.

For example, by using the public record and seeing the premium paid for cyber insurance, threat actors can figure out how much coverage a government or agency has. This helps attackers know which organizations to target because they can foresee professional negotiators will be brought in by the insurer and likely and quickly lead to a financial settlement.

According to a recent ransomware survey, some cybercriminal organizations keep data on their attacks — just like any legal business would. If they successfully get paid for a ransomware attack and a cyber insurance company was involved, you can be assured that that fact will be documented and the victim organization will likely be targeted again in the near future.

Not a Panacea

You can be assured if your organization is a regular victim of cybercrime, your insurance rates are going to go up and your coverage may become more limited. In addition to covering a portion of or all of the ransom, often cyber insurance pays the replacement costs to damaged equipment and regulatory fines from losing PII (personal identifying information).

However, companies shouldn’t be fooled, cyber insurance is not a bandage for all the wounds that may come from a cyberattacks. There is no way to get fully reimbursed for lost operating costs, stolen intellectual property, bad press, or a destroyed reputation.

Improving on Cyber ​​Hygiene
A not-so-obvious benefit that comes with cyber insurance is how it can propel an organization to improve its basic cybersecurity and adopt cyber hygiene practices. As part of their agreement to provide cyber insurance, the insuring companies are going to demand that their clients upgrade their security profiles as they will exclude coverage on issues that were preventable or caused by human error or negligence.

Insurers expect organizations to have basic security applications and solutions like endpoint detection and response (EDR) and security platforms like Fortinet Security Fabric that span the extended digital attack surface, enabling self-healing security and networking to protect devices, data, and applications.

In effect, getting cyber insurance can force an organization into creating a higher standard of behavior and cyber hygiene as well as improving on its cyber defenses. Employing solutions like a cybersecurity mesh or industry-leading security platform can reduce the chances of a company being breached.

By fortifying its potential vulnerabilities, organizations can save money in both the short run (lower premiums) and the long run (avoiding the expenses of successful cyberattacks).

The Evolution of Ransomware

Ransomware is a constantly evolving threat and the affect it can have on an organization can be deep and long-lasting. It used to be that cybercriminals would hold a victim’s data hostage by encrypting it and then provide the key once they were paid off. Nowadays, threat actors with ransomware publicize stolen records or completely erase data — even after the ransom or ransomware settlement has been paid.

In addition to that unfortunate development, threat actors are also responding faster than ever and taking advantage of newly publicized vulnerabilities. Because ransomware knows no limits, spanning political, geographic, and technology arenas, an integrated response involving the public sector as well as the private sector is required to totally defend against it.

As an individual, you can help protect yourself and your organization by making sure you are trained on the latest cybercrime techniques. Free cybersecurity and awareness training is readily available.

Learn more about how Fortinet Security Fabric solutions protect the entire organization against ransomware attacks as well as from infection and spread.

Copyright © 2022 IDG Communications, Inc.

Leave a Comment