The increasing number of publicly disclosed breaches and successful ransomware incidents is, naturally, driving growth in cyber insurance. Examples this year include the global headline-making WannaCry attack, which crippled organisations across the world, including the UK’s National Health Service.
As breaches continue and the need for cyber insurance rises, there is an increased risk that this will encourage criminals to target companies with extortion insurance in order to demand increased payments, believe researchers at WatchGuard Technologies.
In countries that require mandatory breach disclosure, cyber insurance helps cover the costs and sometimes the lawsuits that result from these breaches. But more recently, insurers have promoted optional extortion insurance packages that cover the costs of ransomware and other cyber extortion payments.
“We find it concerning that insurers sometimes pay ransoms to recover their customers’ data,” said Corey Nachreiner, CTO at WatchGuard Technologies. “While we understand the business decision, insurers currently have no long-term actuarial data for cyber incidents and ransomware. It is possible that paying ransoms will encourage this criminal business model and increase the number of incidents insurers have to handle or the cost of ransoms.”
As most studies show that at least one-third of ransomware victims already pay, smart ransomware authors will target insurers to identify organisations with extortion insurance, and then attack them directly.
WatchGuard Technologies expects SMEs “to continue to adopt extortion insurance in 2018 but cyber insurance should not replace security controls and best practices,” said Nachreiner. “We predict that insurance providers will start to implement guidelines that require companies to have strong security controls in place as a prerequisite. When combined with other layers of security, cyber insurance is a great addition to your cyber security strategy.”