The year 2021 had the dubious distinction of being the most prolific for ransomware on record, and the onslaught didn’t stop in 2022. It’s now estimated that every 14 seconds, a business falls victim to a ransomware attack.
Ransomware attacks aren’t just happening more often. They’re getting more complex and costly – and cyber insurers have had it with writing eye-popping checks for ransomware losses, particularly if it turns out that the victimized company didn’t have basic proactive cybersecurity measures in place.
Cyber Insurers Are Passing on Ransomware Losses to Customers
When organizations looked to renew their cyber insurance policies this year, they ran into some very unpleasant surprises, including premiums as much as 300% higher, “sub-limits” and co-insurance provisions on ransomware incidents, and far more scrutiny from underwriters. Insurers are coming down especially hard on industry verticals that are at high risk for ransomware attacks, including education, healthcare, manufacturing, and the public sector.
Moving forward, organizations can expect that their cyber policies will cover only a fixed amount per incident – and victims will be made to shoulder more of the risks, especially when it comes to ransom payments. In addition to financial risks, insurers are skittish about getting on the U.S. Department of the Treasury’s bad side. Treasury has already warned organizations that facilitating ransomware payments could be illegal under Anti-Money Laundering (AML) statutes. The U.S. government’s Financial Crimes Enforcement Network (FinCEN) reiterated this point, sternly advising finance companies and insurers that “FinCEN will not hesitate to take action against entities and individuals engaged in money transmission or other MSB activities if they fail to register with FinCEN or comply with their other AML obligations.”
Expect Greater Scrutiny from Cyber Insurance Underwriters
With losses mounting, and the power of the U.S. government coming down on them, insurance underwriters are demanding that organizations take proactive security measures to protect themselves. As one insurance professional told the Kansas City Business Journal, “probably 50% of the companies we deal with are getting scrutiny from their current [cyber] insurance carrier because controls that were OK last year are not adequate this year.”
What controls are insurers looking for? In addition to advanced technical defenses such as continuously monitored SIEM systems and Endpoint Detection and Response (EDR) tools, insurers expect organizations to have security basics in place, particularly those related to identity and access management (IAM). This is because, according to Verizon, compromised credentials are the number-one cause of both data breaches and ransomware attacks.
Don’t Depend on Cyber Insurance to Cover All Your Losses
It’s never been wise for organizations to depend on cyber insurance to cover all losses after a ransomware attack. It’s even riskier now. Organizations can expect to pay a lot more for cyber insurance moving forward, policies will cover a lot less, and insurers will demand that customers adhere to much stricter underwriting rules, including proving to the insurer’s satisfaction that they’re taking steps to prevent ransomware attacks from happening in the first place:
- Train employees on recognizing phishing and other social engineering attacks, as these are how threat actors often obtain working login credentials.
- Use a secrets manager such as Keeper Secrets Manager to secure infrastructure secrets like RDP login credentials, which are a major vector for ransomware attacks.
- Implement zero-trust network access features such as Role-Based Access Controls (RBAC) and Multi-Factor Authentication (MFA).
- Secure your employees’ passwords. Require employees to use strong, unique passwords for all accounts, and deploy an enterprise password manager like Keeper.
Keeper’s zero-knowledge, enterprise-grade password security and encryption platform gives IT administrators complete visibility into employee password practices, enabling them to monitor and enforce password security policies organization-wide, including the use of strong, unique passwords and MFA. Keeper takes only minutes to deploy, requires minimal ongoing management, and scales to meet the needs of any size organization.
Not a Keeper customer yet? Sign up for a 14-day free trial now! Want to find out more about how Keeper can help your organization prevent security breaches? Reach out to our team today.