May 24, 2022
Cybersecurity rates are increasing while coverage is decreasing. Per the Wall Street Journal, “Direct-written premiums collected by the largest U.S. insurance carriers in 2021 swelled by 92% year-over-year”. Most of the increase is due to the sophistication of the attacks, higher ransomware payment demands, and the number of attacks. The State of Ransomware 2021 global survey (per Sophos) includes the following chilling facts:
All this bad news results in cybersecurity insurance increases for your organization.
Review your cybersecurity posture – take a self-assessment against theCIS Critical Security Controls (CIS Controls). Seeing how your organization ranks against the control can provide a snapshot of focus areas for improvement before obtaining or renewing your cybersecurity policy. If you aren’t sure where to start with the assessment or need help implementing improvements, Dewpoint’s cybersecurity experts are here to assist.
Review your data – the more highly sensitive data your organization holds, the more risk. Taking the simple step of reviewing your data can reduce your premium. Determine if you need the data to conduct your business and review the best way to safeguard it through additional security and limiting access to critical employees. If you need to print the information, make sure the paper is kept in a locked cabinet and office and destroyed in a secure method. If it is all virtual, use encryption software for email and limit file-sharing capabilities.
Review your policy for loopholes – most insurance policies do not cover “an act of war.” If a ransomware attack occurs because of the current Russian invasion of Ukraine, would you be covered? It’s an excellent question to ask your provider, given the uncertainty in our world, and determine the definition of “war.” For more information on different types of insurance and what they cover, click here.
Navigating through the cybersecurity insurance maze can be a daunting task. Dewpoint can help by starting with an assessment to identify gaps in your current environment and recommendations to reduce those gaps. Organizations with poor security controls may be uninsurable or unable to afford a policy if available. Reach out to one of our security experts to help you get the most value out of your cybersecurity insurance and increase your overall security posture.