If there's any term that strikes fear in the hearts of risk managers and many brokers alike, it's cyber. Not only is the landscape of cyber risk evolving and changing by the day, but comprehensive coverage against cyberattack, ransomware and other threats has gone from a nice-to-have add-on to a foundational part of enterprise risk management.

Because these threats are everywhere, and they're growing.

According to Accenture,1 the volume of cyber intrusion activity globally jumped 125% in the first half of 2021, compared with the same period in 2020. The largest malware category observed by volume was ransomware, at 38%. Ironically, the industry targeted most often by ransomware operators was insurance at 23%, followed by consumer goods and services (17%) and telecommunications (16%).

Sophos' State of Ransomware 2021 report2 notes that the average cost of remediating a ransomware attack — which includes business downtime, lost orders and operational costs — more than doubled in a year. It grew from $761,106 in 2020 to $1.85 million in 2021.

Would your clients' cyber coverage be able to handle that? Are you sure?

Ransomware led the way last year in cyber insurance claims frequency and severity for most insurers.

Steve Robinson, RPS national Cyber practice leader  

The Growing Cost of Cyber Attacks

The result of the increase in ransomware attacks is that insurers are now taking a second look at what they're including for cyber coverage in their policies. Many are increasing their prices while simultaneously decreasing coverage. Numerous insurers are declining to take new clients or are capping coverage amounts at about half2 of what they used to be for some clients.

In the first quarter of 2021, U.S. cyber insurance premiums rose an average of 18%,3 according to data from the Council of Insurance Agents & Brokers. The pandemic has driven up insurance premiums across multiple categories, but the increase is most evident in cyber insurance due to the significant rise of ransomware attacks.

Ransom payments only started being included in cyber insurance policies in 2015, with little to no risk associated with them. Now, just six years later, ransomware attacks are the main attraction. Ransomware attacks were responsible for all of the growth in U.S. cyber insurance claims in 2020. This year, they account for 75% of all cyber claims.4

How to Get Higher Cyber Insurance Limits

Ransomware has had a significant impact on cyber insurance pricing, capacity and underwriting. But despite all of this, the reality is that the majority of companies need some form of cyber insurance to defend against these multiple risks.

Deloitte5 conducted informal research among leading providers of cyber insurance and found that policyholders can face a 200% increase in premiums for the same coverage, or possibly even be denied coverage, until strict conditions are met following a cyber incident.

Nearly all cyber insurance providers added MFA as a requirement for underwriting in 2021.

RPS U.S. Cyber Market Outlook

You can take steps to make your clients more attractive as insureds — before they fall victim — and achieve higher coverage limits. Here are some best practices to follow:

  • Install multi-factor authentication (MFA): MFA is among the must-haves for cyber coverage, because it's one of the most effective cyber security measures you can take to prevent attacks. According to RPS's U.S. Cyber Market Outlook, nearly all cyber insurance providers added MFA as an underwriting requirement in 2021. Yet research suggests that 70% of organizations6 still rely on a password-centric authentication approach. Having MFA keeps attackers out of your accounts and denies access to secure information. It also gives a heads-up to IT when there are unauthorized login attempts, so they can go on the defensive.
  • Maintain an incident response plan: Over 55% of organizations want to improve time to containment and incident response automation, but more than 45% state inadequacies in detection and response resources.7 It's important to regularly review your incident response plan and make updates and changes that are aligned with the latest external threats and any new internal developments at your company or with its vendors. Conduct intermittent incident response drills and adjust your plan accordingly. It's better to learn about issues during testing than during the real thing.
  • Hold ongoing employee education and training: Human error is a major contributing factor to cyber attacks. After the NotPetya cyber strike, Mondelez instituted new security awareness initiatives to promote cyber hygiene best practices in its offices and production plants.8 The program uses video-based lessons on topics such as phishing, data leaks, Microsoft Office security and Zoom bombing. The Mondelez IT team follows up with phishing simulations and assessment questions to see if the lessons are retained. Advise your clients to set up employee cyber training to help combat human error and prevent future attacks.

Cyber threats have been around for years, but as the COVID-19 pandemic continues to have a ripple effect on the trend towards increased remote work and digital-centric operations, bad actors are increasingly able to disrupt massive, multinational organizations. The stakes are higher, the risks are spiraling, and the associated costs aren't going away anytime soon. To best combat this threat, it's on corporations and their insurance brokers to do everything they can to ensure that they're covered in the case of a ransomware attack or other cyber intrusion. Because often, clients never know they're at risk until it's too late.