Issue - September/October 2021


Are You Prepared for a Cyber-attack? Cyber Liability Insurance Provides Peace of Mind

By Casey Myers, Vice President, Champion Risk & Insurance Services

According to Cybersecurity Ventures, a leading researcher for the global cyber economy, a company was attacked every 11 seconds in 2020. Victims with cyber liability insurance stayed in business, while many without it closed their doors within six months.

Large or Small—Your Company is at Risk

The ransomware business is extremely profitable, with losses estimated to be $20B by the end of 2021. Cyber criminals often infiltrate a company’s network undetected before making a ransom demand in order to:

  • Research a company’s ability to pay;

  • Determine which data to steal for the biggest return;

  • Analyze the most valuable data to ransom; and

  • Disable or corrupt backups.

Your company is at risk whether you have five employees or 500. When you have cyber liability insurance, and your system is under siege from a ransom demand, you must act immediately, starting with a call to your insurance specialist.

An incident response team will work to resolve the problem, including mitigation, recovery and mediation. Never negotiate with the extortionists directly—leave that to the professionals. Often, they can negotiate a lower ransom and mitigate any fines resulting from compliance, regulatory or privacy infractions.

Work with your broker and media response team to communicate with customers and the public preventing further damage to your reputation. Quality cyber liability insurance covers:

  • The ransom payment;

  • Data recovery and breach response costs;

  • Down time and loss of business;

  • Any compliance or regulatory fines;

  • Legal fees; and

  • Reputational damage.

The Best Offense is a Good Defense

Phishing accounts for 67% of ransomware attacks. Password hacking is responsible for another 30%. Your employees and IT infrastructure are the first line of defense against a ransomware attack. To reinforce that line, implement stringent multi-factor authentication protocols. Focus on security awareness training, implement a rigorous security patch process, and back data up frequently. Regularly test your defense and backup systems, and ensure that your company is sufficiently covered by cyber liability insurance.