Ransomware Insurance – Are you covered?
With 2017 coming to a close, we thought we’d take note of one of the larger implications that businesses of all sizes, located around the globe express concern over– ransomware. Recently we wrote an article on how to reduce the cost of cyber insurance; which sparked some questions around ransomware insurance coverage.
These questions were specifically around ransomware impact on insurance premiums.
Firstly, we’ll go into the effects of ransomware on a business.
Effects of ransomware on businesses
The main effects that ransomware has on businesses can leave a lasting impression. These can include:
- Loss of sensitive data or intellectual property either temporarily or worse – permanently.
- Disruption of regular day to day operations (loss of productivity).
- Financial loss
- Potential damage to reputation and brand.
Some basic statistics around ransomware
Bitdefender and Spiceworks collaborated to perform a ransomware survey of 250 IT professionals from Small to Medium Businesses (SMB’s) across many different industries. Interesting points to come out of this include:
- 69% of participants expressed concerns over ransomware.
- 38% of participants indicated they’d paid a ransom in the last 12 months.
- USD$2,423 was the average ransom.
- 45% of those which paid the ransom, didn’t regain access to their data.
- 65% of those affected regained access to their data from formatting and recovering from backup at least once.
The full survey can be viewed at https://download.bitdefender.com/resources/files/News/CaseStudies/study/153/Ransomware-SMB-survey-crea1289-A4-en-EN-web.pdf
Ransomware Insurance is nice to have…
There have been three large public ransomware outbreaks in 2017 – WannaCry, Petya and Bad Rabbit. Due to this; insurance companies are reporting a jump in cyber insurance claims from 10% to 25% overall being specific to ransomware or cyber extortion. However a number of businesses have been caught out without having this coverage in their premium and have opted to try and claim against kidnap, ransom and extortion clauses – which insurance companies are rejecting on a regular basis.
Just like insuring your car; you may not feel you need it – but you’ll be glad you have it when you’re feeling the pinch of the costs to return back to pre-incident operation. Double check that your ransomware insurance premiums contain specific clauses for ransomware and extortion.
However a shift in thinking is starting to occur
It’s beginning to appear that businesses of all sizes are now taking a different approach to ransomware – instead of being reactive to an incident; the movement is now to become proactive and start planning for ‘when’ an incident occurs through Business Continuity Planning (BCP) and disaster recovery (DR) plans. As shown by the 65% indicating they used their backup to resolve the incident.
Backup Audits and regular data recoveries
By performing consistent and regular backup audits and data recoveries – you’ll also find that your insurance premiums should also reduce. When looking for help in performing such tasks; let TestMyBackups assist. You can find more information about what TestMyBackups can provide around recovering your data on a regular basis.