The Cyber Insurance Crisis: How Soaring Ransomware Claims Are Driving Up Premiums


In the cyber insurance industry over recent years, we’ve seen a dramatic increase in premiums, with the primary driver being the number of ransomware attacks.

Ransomware has different forms:

  1. In the first form, you arrive at the office one day, and your screens are already black with a threatening message.
  2. Second, the threat actor gains access to a system and exploits it. Once they feel that there is a real vulnerability, they trigger a ransomware attack.

A lot of school systems, unfortunately, have been hit by this recently. Attackers know to ask for a ransom right before the school year, or when there's a big event coming up or some essential activity that has to take place, and that's when they'll trigger the ransomware attack, because they're hoping to get paid.

Ransomware attacks 2020 vs. 2021: We observe a significant increase from 2020 to 2021, and even with the new data from 2022, the trend continues to rise. They are becoming increasingly prevalent.

These are the types of attacks where insured businesses can reach the full policy limit in a matter of days. They can be extremely expensive, and at times, unfortunately, these criminals view themselves as business people. They are definitely criminals, but they are very skilled at determining the ransom amount to ask for, how to get paid, and how to exploit the system.

“Unfortunately, cybercriminals view themselves as business people. They are good at asking how much ransom to ask for.”

So the increase in these ransomware attacks, which are covered by good cyber insurance policies, has led to a lot of claims being paid out, which led to that graph where the premiums have gone up dramatically because the companies have to rework their algorithms around how they’re going to charge their premiums based on claims in the past. 

The statistics in the image below are quite frightening; hence, it’s essential not just to learn about insurance but to focus on the cybersecurity that is put into place by individual businesses. 

Why do you need cyber insurance?

The number above, $2.98 Million, always looks big to us even if we’ve seen this over and over again. The average cost of a data breach is almost $3 million. 

We’ve seen quite a few that are not as big and are not always going to happen, but some are a lot larger; that is why $3 million is the average.

Why does a data breach cost almost $3 million?

Ransomware

It’s almost $3 million because when we examine a data breach, it often involves a ransomware element, as well as business interruption. 

Business interruption

Business interruption occurs when normal business activities cannot take place, resulting in associated costs. If a company is down for a month or 6 weeks or slow for 2 months, and they can’t perform regular business, that is a real cost out there.

Regulatory concerns

When examining data breaches, numerous regulatory concerns arise. Particularly in specific industries, there can be not just fines but also obligations such as having to purchase a personal protection service for the next year for everyone whose data was accessed. That does happen at times.

Call centers or Press Releases

A call center may need to be set up to notify people. There might be a need for a press release. 

And if we view insurance as a product, why would someone want to purchase it? And why would someone want cyber insurance instead of a general one? All these elements that are involved in an attack are covered in a policy, but it’s not just coverage that is important; it’s having experts in each of these areas of forensics, negotiation, remediation, and public relations, and being able to quickly put together a defensive front in the case of one of these attacks.

Queries

Is it correct to say that the average coverage that a company should look at is 3-4 months of revenue for a breach?

Yes, that is typically our recommendation. That 3-month figure is a good ballpark because it’s not just counting the period of ransom, but also the possibility of where a forensic investigator might go. It’s really that business interruption piece where the business may be down for an extended period of time. 

So, hopefully, it won’t be 3 months, but we look at the 3-4 month figure because there might also be legal costs, and there might be a ransom itself, a call center, and all these other things in addition to the business being slow. So, I think that’s a brilliant figure to look at.

These enormous average costs may lead you to think that this might be a problem for Fortune 1000 companies. However, in reality, it’s small and medium-sized businesses that face the majority of these attacks.

Statistics show that 68% of small businesses experienced a cyberattack in 2021. And 61% of the targets are small and medium-sized businesses. This is an issue that is certainly not exclusive to Fortune 1000 companies, giant corporations, or cities and state entities. It is an issue facing small and medium-sized business communities.

“You may think that these might just be a problem of Fortune 1000 companies. But in reality, it’s small and medium businesses that are facing the majority of these attacks.”

The most concerning aspect is the high number of bankruptcies and business closures. This is a great reason to explore cyber insurance and how implementing additional cybersecurity measures can help.

 

 

by Wayne Roye

Microsoft Cloud Architect & Digital Transformation Strategist

Wayne Roye is an expert in digital transformation, driving high-impact solutions and maximizing ROI. He leverages the Cloud Adoption Framework to accelerate outcomes, reduce migration risks, and ensure security/compliance from day one.
