The cyber landscape has become a minefield in recent years, with a huge increase in advanced persistent threats, malware, cyber crime, and data breaches. In response, information technology, IT security and insurance industry professionals have emphasized the need not only to strengthen cyber security practices, but also to purchase Cyber insurance to plug the gaps where the technology may not be able to help. After all, as many security professionals will say, the biggest cyber security threats to a company are its people.
This month, we learned of the latest worldwide malware/ransomware threat–the WannaCry virus. This virus was released on 5/12/17 and targeted Microsoft XP operating systems across the globe. If a computer was infected, hackers demanded 300 to 600 bitcoin. As of 5/19/17, 200,000+ computers in over 160 countries had been infected by the virus, but fewer than 300 payments totaling under $100,000 had been made to the originators of the virus.
So, was this just a big scare for nothing, like Target and Home Depot, where only big corporations are impacted and the SMEs see little to no impact at all? Do all of these big attacks just go away without much happening and, if so, why should anyone consider purchasing a Cyber insurance product if the losses are so small?
Risk Placement Services provides an online Cyber policy system that allows our clients to rate, quote, bind and issue a Cyber insurance policy in less than 90 seconds. We have sold over 10,000 policies and have received quite a few claims, many of them related to ransomware. The two things we have heard from our customers in all of the events are:
- The Cyber policy gave them access to trained professionals who helped them through the event and helped mitigate the potential damage.
- The cost of the event, even without a ransomware payment, exceeded the amount they paid in premium anywhere from 3x up to 10x.
Recent claim examples include:
- The insured discovered ransomware on a billing server that stored, among other things, tax information. The insured contacted the breach coach through the hotline, engaged an IT vendor to delete the affected files and restore from backup, and had a forensic team perform an investigation. Based on the forensic report, the breach coach concluded that no notification was required for this breach, although costs of approximately $50,000 were incurred.
- The insured discovered ransomware on servers storing accounting data and software, including QuickBooks containing employee and customer data. This data was subject to regular backup but was encrypted by ransomware, so it could not be used. The insured engaged their contract IT provider to assist in decrypting and recovering data. The investigation continues, but the restoration of covered data has cost approximately $20,000 to date.
- An insured discovered ransomware on its computer systems, potentially exposing "tens of thousands" of patient records. The insured reached the breach coach through the hotline, and the breach coach retained a forensics team to facilitate the payment of the ransom, restoration of files and forensics to determine if there was a reportable breach. The breach coach concluded that no reportable breach had occurred, but total costs for the breach coach, forensic team, payment of the ransom and restoration of files were approximately $60,000.
Cyber insurance for the SME segment continues to be a valuable tool for keeping an operation running when these events occur. It is not a matter of “if” any longer—it’s a matter of “when.” If nothing else, Cyber policies help insureds gain access to a seasoned team of IT response professionals that will help them work their way through any event.