While the increasing number of publicly disclosed breaches and successful ransomware incidents is driving growth in cyber insurance, there is a risk that this will encourage criminals to target companies that hold extortion insurance in order to demand increased payments, researchers at WatchGuard Technologies believe.
In countries that require mandatory breach disclosure, cyber insurance helps cover the costs and sometimes the lawsuits that result from these breaches. But more recently, insurers have promoted optional extortion insurance packages that cover the costs of ransomware and other cyber extortion payments.
“We find it concerning that insurers sometimes pay ransoms to recover their customers’ data,” says Corey Nachreiner, CTO at WatchGuard Technologies. “While we understand the business decision, insurers currently have no long-term actuarial data for cyber incidents and ransomware. It is possible that paying ransoms will encourage this criminal business model and increase the number of incidents insurers have to handle or the cost of ransoms.”
As most studies show that at least one-third of ransomware victims already pay, smart ransomware authors will target insurers to identify organisations with extortion insurance, and then attack them directly.
“We expect SMBs to continue to adopt extortion insurance in 2018 but cyber insurance should not replace security controls and best practices,” says Nachreiner. “We predict that insurance providers will start to implement guidelines that require companies to have strong security controls in place as a prerequisite. When combined with other layers of security, cyber insurance is a great addition to your cyber security strategy.”