Security News > 2021 > August > Ransomware and cyber insurance: What are the risks?

According to the U.S. Government Accountability Office, the number of companies opting for cybersecurity coverage grew from 26% in 2016 to 47% in 2020, and most saw breach insurance premiums increase by up to 30%. Given the clear financial stakes, it is time security leaders understand the risks before adding cyber insurance to their strategy for ransomware prevention and recovery.

Most organizations are not equipped to handle a ransomware attack appropriately without expert help, so they should call reputable, experienced security consultants immediately for their extensive experience with ransomware remediation.

In addition to calling in cybersecurity experts, organizations with cyber insurance policies must hold those providers to a very high standard.

To understand their clients' risk profile, cyber insurance providers require them to fill out very detailed third-party risk management documents that catalog all their security controls and how often these controls are tested.

Hackers and ransomware groups have been known to target cyber insurance companies to obtain insured client documentation and then target those organizations because there is a higher likelihood they will pay the ransom.

Organizations should ask cyber insurance companies the exact same third-party risk management questions they are asked to make sure that the insurer and any sensitive information about their network is secure.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/nP-AsmJApfQ/