Membership is FREE!   Professional Designations for Business & Technology Professionals

Cybersecurity

Cyber insurers tighten underwriting, raise prices as ransomware wave hits

3 Mins read

Cyber insurers are charging more for coverage and being more cautious with their underwriting because of a sharp uptick in the frequency and severity of ransomware claims, according to several underwriters and brokers. The sharp rise in claims may even push some insurers out of the cyber market.

Paul Bantick, head of global cyber and technology at Lloyd’s of London insurer Beazley PLC, said in an interview that cyber insurance prices had hovered between flat and increases of 5% over the past two years. But recently, increases ranging from 15% to 25% are “becoming more and more common,” he said, and that is widely expected to continue through 2021.

Bob Parisi, U.S. cyber product leader at Marsh & McLennan Cos. Inc.-owned broker Marsh LLC, said preliminary data for the third quarter showed that prices had increased by about 10.5% on average, following rises of 7% in the second quarter and 6% in the first quarter. The recent acceleration “is a material change in the pricing and I think it reflects those ransomware claims being paid,” Parisi said in an interview.

A growing threat

Estimates of increases in ransomware attacks vary, but certain signs point to a large spike. Darren Thomson, head of cyber security strategy at cyber insurance analytics company CyberCube, said such attacks so far this year are 7x higher than what they were in 2019.

Although such a significant increase cannot solely be attributed to widespread adoption of working from home amid the coronavirus pandemic, that phenomenon has played a role. Ransomware often enters a company’s systems through weak remote access points and virtual private networks. Johnty Mongan, cyber risk consultant at insurance broker Arthur J. Gallagher & Co.’s U.K. operation, said companies’ rush to configure themselves for lockdowns “started to really amplify the problem of poorly configured remote working.”

More attacks means more insurance claims. Beazley saw a 239% increase in ransomware claims in 2019 compared with 2018, based on incidents reported to the insurer from U.S. middle-market and private enterprise companies with a Beazley Breach Response or InfoSec product. Severity is also increasing: The Beazley data shows ransomware payments in 2019 were 3x as large as 2018 payments, and the total costs of ransomware payments were up 228% over the same period.

“We are seeing a lot more ransom demands that are now reaching the hundreds of thousands and millions, where before it was more in the tens of thousands to hundreds of thousands,” Laetitia Fouquet, global head of cyber at loss adjuster Charles Taylor Adjusting, said in an interview. She added that the largest ransomware demand she had seen, although it was not paid, was €30 million.

Cyber insurance programs often have layers of excess coverage that kick in once the primary layer has been exhausted. William Wright, a partner at Paragon International Insurance Brokers, said the lower excess layers would not previously have been triggered by ransomware. But now that claims bills are reaching £20 million or £30 million, “suddenly the excess layers are in play on a risk type that [the insurers] were never previously having to rate for or consider in the same way,” he said. As a result, the biggest price changes are in the low excess layers.

The ransom payment is only part of the claims expense. Fouquet said the biggest costs are actually IT expenditures related to investigating, identifying and containing attacks, and then restoring systems. Business interruption claims for downtime after attacks are also making up an increasing amount of the overall bills. Fouquet said a majority of claims in June and July had a business interruption element. “We were not seeing that last year,” she added.

A further concern is that attacks are becoming more targeted, sophisticated and vindictive. Instead of simply locking companies out of their systems and demanding a ransom to regain access, ransomware is increasingly siphoning off data, which cyber criminals can threaten to release either to put more pressure on victims to pay the ransom or extort even more money. According to the Coveware ransomware report for the second quarter, data was exfiltrated in 22% of ransomware incidents, compared with 8.7% in the first quarter.

Wright said the combination of ransom and data theft, plus rising ransom demands, is “like the worst of all worlds” for insurers and policyholders. “You only need two or three of those claims at that type of payout amount to happen for the market to suddenly find themselves feeling a little bit in hot water,” he said.

No end in sight…

Read The Full Article

Related posts
Cybersecurity

Massive Supply-Chain Cyberattack Breaches Several Airlines

4 Mins read
The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers. A communications and IT vendor…
CybersecurityData Breaches

International cybercops derail botnet used to extort, steal data around the globe for years

4 Mins read
FBI also announced the arrest of a Canadian on Wednesday in connection to a ransomware attack The Associated Press · Posted: Jan 27, 2021…
CybersecurityUncategorized

Facebook will shut down its spyware VPN app Onavo

4 Mins read
Josh Constine@joshconstine / 8:43 PM EST•February 21, 2019 Facebook will end its unpaid market research programs and proactively take its Onavo VPN app off…
Join BIZTEK

Yes, I have read and live by this Code of Ethics - https://biztek.org/code-of-ethics/. We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at info@biztek.org or call us at 647 499 2744. You can unsubscribe at any time.