As ransomware and other advanced threats continue their assault on businesses, organizations have increasingly turned to cyber insurance providers to help them out of a jam. However, this marketplace isn’t just growing—it’s changing. What was once considered necessary protection in case of file encryption and ransom demands is now an integral part of many businesses’ security infrastructures.
In response to changes in the work environment due to the pandemic, ransomware attacks and extortion techniques have evolved. So, too, has the industry that sprang up to assist organizations that had already been hit. More and more, companies are realizing that yes, they need to shore up preventative security, but they also must have a working plan for the very real potential of getting breached.
According to an October 2020 study by ReportLinker, the global cyber insurance market is expected to grow from $4.8 billion in 2019 to $16.9 billion by the end of 2025, a Compound Annual Growth Rate (CAGR) of 23 percent. After an onslaught of ransomware attacks last year on schools, cities, and government agencies, many organizations doubled down on cyber insurance to cover costs that might arise from another attack, such as investigative teams, remediation and recovery efforts, business interruption losses, digital data recovery, and more.
While the cyber insurance industry drew early criticism from security insiders for potentially juicing ransomware threat actors’ bank accounts, the sentiment has since shifted. In 2017, the NotPetya attack, one of the largest cyberattacks in history, caused $10 billion in damage worldwide. Only 3 percent of those costs were covered by cyber insurance. In the years since WannaCry, NotPetya, and other expensive attacks on businesses, organizations have moved to adopt more robust insurance policies, including coverage for nation-state attacks and hands-on assistance in bolstering existing security policies.
As ransomware attacks have increased in frequency and complexity, ransoming techniques have also evolved, switching the focus away from “simply” encrypting files and requiring a ransom to return them. Where many companies adapted to ransomware threats by instituting regular, automatic backups, cybercriminals returned the volley by threatening to release sensitive data to the public or disrupting operations for ransom.
Cyber insurance, paired with layered security software and employee awareness, can thus provide the additional protection necessary to prevent attacks when possible, and recover from an attack quickly when it’s not. Expect cyber insurance to continue evolving in this direction, filling in technical gaps and not just providing hefty ransom payments. In fact, that’s why we’ve recently partnered with Coalition, a leading cyber insurance provider, to help business customers further reduce their risk of cyberattacks.
To learn more about why cyber insurance should include coverage for state-sponsored attacks, read this article from the Harvard Business Review: https://hbr.org/2020/10/does-your-cyber-insurance-cover-a-state-sponsored-attack
For more information on the Malwarebytes and Coalition partnership: https://go.malwarebytes.com/Coalition-Malwarebytes-Partnership.html