According to a survey of nearly 3,000 risk management professionals, COVID-19 continues to be viewed as a top business risk for 2021 alongside Cyber Incidents (both at 40% of those surveyed) and comes in second only to Business Interruption (41%). While cyber incidents have been a growing concern for years, the pandemic has increased the risks due to increased reliance on remote technology, as well as the speed with which new technology was adopted.
Due to the surge in these risks, cyber insurance premiums, which now total around $5 billion annually, have drastically increased and are expected to continue to increase 20 to 30% per year on average. A few reasons for these increased premiums are as follows:
- COVID-19: The pandemic has turned the world upside down in many ways, including how businesses and workforces operate. With many employees going remote, devices were exposed to less secure networks, leading to an increase in cyber incidents.
- Ransomware: Ransomware continues to increase exponentially as criminals find easier ways into unprotected systems. With the threat of ransomware increasing, cyber insurance companies must respond with higher premiums to offset the increased probability a client may become a victim of a ransomware attack.
- Email Compromise: Over 90% of successful cyberattacks start with an email. As phishing increases and cyber criminals become better at getting employees to click or respond to phishing emails, cyber incidents will continue to proliferate, causing cyber insurance rates to increase.
- Changes to regulations: Compliance demands continue to grow as industry regulations, privacy, notification laws, and notification requirements change and increase leading to more reported incidents and higher premiums.
The Costs of Not Having Cyber Insurance
Cyber Insurance is critical to your business and continues to be as threats grow in number and sophistication. Here are just a few reasons why it’s so important you protect your company with substantial coverage:
- Ransom costs: After a ransomware attack, some companies choose to pay the ransom in hopes of restoring their data…however, paying the ransom results in only a 30% chance of data and systems being recovered.
- Legal fees: The costs of legal fees related to cyber incidents and the fees associated can cause irreparable financial damage to a business.
- Data Recovery: As mentioned above, you may never be able to recover the data lost in a ransomware attack or other incident involving a loss of data.
- Compliance fees: Compliance can not only be difficult to navigate, it can also be expensive.
Ransomware, the Exploding Cyber Threat
Gain a more thorough understanding of what ransomware is, how it works, who it targets, and how you can protect yourself.
6 Ways Lower Your Risk and Mitigate Cyber Insurance Costs
Despite the growing cost of cyber insurance, and the necessity of robust coverage, there are some key methods and best practices to reduce your liability:
- Use enterprise-level antivirus: Enterprise-level, next generation antivirus solutions combine various technologies such as behavior analysis, artificial intelligence (AI), machine learning, live monitoring, and intention monitoring to find threats, instead of just scanning for signatures. Traditional consumer-level antivirus can’t fully protect your data and systems.
- Conduct regular penetration testing: Regularly check your entire system for vulnerabilities, exposed endpoints, software weaknesses, necessary updates, and any flaw that a hacker could potentially exploit. If any issues are found, you can quickly resolve them before your business is exposed.
- Adopt a data recovery and backup solution: If your data becomes corrupted due to a security incident, a comprehensive data backup and recovery solution will keep your business moving forward. Your chosen solution should also be tested regularly to ensure that you are able to recover your data if an incident were to occur.
- Patch management: Many cybersecurity incidents have been the result of unpatched software. In fact, 57% of cyberattack victims report their breaches could have been prevented by installing an available patch. Patches secure any weak spots or vulnerabilities that have emerged, leaving you open to ransomware or malware attacks.
- Make sure your website is secure: Always use a trustworthy provider for website hosting and regularly conduct audits to ensure there are no vulnerabilities that could leave your company and data open to cyberattacks.
- Notify and train employees: Keep your employees up to date on the latest threats and trends in cybercrime so they can stay vigilant to not fall victim to suspicious emails and other vulnerabilities.
While cyber insurance can feel like a daunting expense, the potential loss of data and coinciding expense of not having comprehensive coverage can be worse. This is why CNP has partnered with USI Insurance to help make sure you have comprehensive coverage. We will help you prepare your business for the growing threat landscape while mitigating the risk, cost, and complexity that might be present in your business.
For a detailed checklist of ways to prepare your business and a complimentary security assessment, please reach out to info@cnp.net.