Get Wingman Cyber
Cyber liability coverage for you and your clients through IIAT Advantage and Wingman.
Learn MoreCyber liability coverage for you and your clients through IIAT Advantage and Wingman.
Learn MoreThis article originally appeared in Insurance Journal
Ransomware is all over the news of late. If only reading the headlines, you might conclude that ransomware affects primarily either large or high-profile companies, so agents and small commercial policyholders need not be overly concerned. This view is not just dangerously wrong but also diverts attention from the overall cybercrime threat that agents and their clients depend on – their digital ecosystem.
In a ransomware attack, a hacker “kidnaps” data, assumes control of an organization’s computer system and then demands a payment to give back that control. These attacks have increased in frequency and severity over the past two years. Chainalysis, a blockchain research firm, estimates ransom payments jumped 341% during 2020 alone.
Many cybersecurity experts believe the pandemic has driven the spike in ransomware in part because so many employees have been working from home with less-than-ideal protection. Ransomware attacks accounted for 41% of the total number of filed cyber insurance claims in the first half of 2020, according to a report released last year by Coalition.
Insurance companies have responded by raising premiums and tightening underwriting standards just as demand for cyber coverage has risen. Premiums increased from 10% to 30% in late 2020, according to a survey cited by the U.S. Government Accountability Office. In some cases, annual premiums may rise as much as 50%, according to Joshua Motta, founder of Coalition. A group of cyber insurers including American International Group Inc. and Chubb Ltd. have joined to form CyberAcuView LLC, a consortium aimed at enhancing cyber risk mitigation efforts across the industry.
The emphasis on ransomware is not misplaced, as it represents the largest cybercrime segment. The Coalition report also reported that 59%of cyber insurance claims were not due to ransomware, but to other cyber events including funds transfer fraud and email compromise. At the same time, reports have surfaced that hackers have also gained access to personal identifiable information (PII) through agency vendors, such as quoting software and through policyholder groups, particularly contractors.
Every agency must step up its efforts to address its own cybersecurity vulnerabilities and those of its clients. Cybersecurity experts agree the best defense involves using a layered approach by combining multiple authentication methods with more secure systems and protocols. Some insurers offer security audit services to agents and others are revising agency agreements to require greater attention to cybersecurity.
A good starting point is specialist insurer Beazley’s “Steps to Protect Against Ransomware,” which applies to most types of cyber events. Beazley advises:
Back-up key systems and databases. Ensure regular back-ups that are verified and stored safely offline. Use strong, unique back-up credentials, and secure them separately. Test backups to ensure restoration from them.
About the Author
Tom Wetzel is CEO of Thomas H. Wetzel & Associates, an insurance marketing firm for independent agents whose services include a partnership with LivePerson to bring HIPAA-certified messaging and IBM Watson to the insurance industry, the Wetzel Digital Roadmap, website design and maintenance, and content creation. Contact: www.wetzelandassociates.com or twetzel@wetzelandassoc.com.
Learn how to reduce your chances of becoming the next cybercrime victim, without spending a ton of money or obtaining an advanced degree in computer science.
Watch Now