Security News
A Panaseer survey of global insurers across the UK and US found that 82% are expecting the rise in premiums to continue, with 74% of insurers agreeing that their inability to accurately understand a customer's security posture is impacting price increases. To help combat the ransomware crisis, researchers found that 87% of insurers want a consistent approach to analysing cyber risk, and 89% want direct access to customer security metrics and measures proving the status of security controls.
We're now seeing a shift back to traditional risk measurement, with underwriters approaching cyber insurance in a manner similar to physical insurance - by assessing where the biggest risks are and determining whether they should exclude certain risks from coverage, as well as establishing a bar to define what constitutes reasonable care. By the end of 2020, more than half of cyber insurance policy holders saw the price of their coverage rise by as much as 30 percent, according to GAO. While the current conflict in Ukraine will likely lead to a rise in cyber insurance purchases, the harsh reality is that most coverage will not protect enterprises from nation-state attacks or even ransomware.
The increase in frequency and cost of ransomware attacks has made ransomware a board-level risk and put the cyber insurance industry under extreme pressure. The proliferation of ransomware has led to an increase in the frequency and value of cyber insurance claims.
In this interview with Help Net Security, Avi Bashan, CTO at Kovrr, talks about cyber insurance trends and how the growing threat landscape impacted both insurers and insurees. At the same time they feel more vulnerable to a ransomware attack than ever before, insurers are pulling back to the point where cyber insurance is more expensive than it used to be and thus demands clearer justification of the investment for most companies, and policies that cover a broad range of cyber incidents are more scarce.
Cyber insurance premiums are increasing and so is infosec's determination to get a slice of that pie: Cloudflare is partnering with Mandiant, Secureworks, and Crowdstrike in a "rapid referral" partnership for under-attack companies. The move was announced today as Cloudflare claimed that insurance premiums "have increased upwards of 50 per cent," with price hikes mainly hitting "the small and medium enterprises that find themselves as the common target for these cyber attacks."
Fallout from nation-state sponsored cyberattacks will no longer be covered under cyber-insurance policies issued by famed insurer Lloyd's of London. The insurance juggernaut's underwriting director Patrick Davidson just released four new Cyber War and Cyber Operation Exclusion Clauses, outlining the new terms.
The original purpose of cyber insurance is to cover the extortion losses of a business if a successful ransomware attack happens, and the business has no other options but to pay the ransom demand for business continuity or to mitigate future losses. This growing lack of vigilance and responsibility from some insured companies is tilting the balance of the cyber insurance market, forcing the insurance companies to raise the premium price and adjust the underwriting standards to lower their own risks of loss.
The general aim behind cyberinsurance is that it is insurance that covers things like IT incidents - in particular, things like security incidents. The flip side of that is that cyberinsurance companies - and I know this from talking to someone who works for a cyberinsurance company - they don't like paying those ransoms any more than any company does.
The growing number of ransomware attacks has burdened many organizations, but it has also greatly impacted the cyber insurance industry, which found itself having to cover large ransomware demands. This called for a change in policies but also the need to enhance cyber insurance with cybersecurity knowledge.
Training material used by Conti ransomware affiliates was leaked online this month, allowing an inside look at how attackers abuse legitimate software and seek out cyber insurance policies. An interesting tactic used by the ransomware gang is using the legitimate Atera remote access software as a backdoor for continued persistence.