Does Cyber Insurance Cover The Cost Of Ransomware?
Don’t make the mistake of thinking cyber insurance will fully nullify any effect ransomware could have on your business. While it’s smart to invest in cyber insurance, that doesn’t mean there won’t still be consequences in the fallout of an attack — that’s why you need to invest in protection too.
Are you hoping cyber insurance will totally protect you against ransomware?
Sorry to break it to you, but that’s not really how it works. Most policies will cover some costs, such as litigation and associated support for your IT assets, but it likely won’t cover any actual ransom payments.
That’s why cyber insurance is just one part of an effective cybersecurity policy. Before going further, let’s start with the basics…
What Is Cyber Insurance?
Often referred to as cyber liability or data breach liability insurance, cyber insurance is a type of stand-alone coverage.
The fact is that it only works if you have it before you get hit. If you try to get a policy while you’re reeling from a ransomware attack, it’s essentially like trying to get health insurance with a pre-existing condition. Still, a lot of businesses make the assumption that since they haven’t been hit yet, they never will.
Cyber insurance is designed to help businesses cover the recovery costs associated with any kind of cybersecurity incident including:
- Breach and event response coverage: A very general and high-level form of coverage, this covers a range of costs likely to be incurred in the fallout of a cybercrime event, such as forensic and investigative services; breach notification services (which could include legal fees, call center, mailing of materials, etc.); identity and fraud monitoring expenses; public relations and event management.
- Regulatory coverage: Given that a range of organizations (such as The Securities and Exchange Commission, the Federal Trade Commission, the Department of Homeland Security, and more) have a hand in regulating aspects of cyber risk in specific industries, there are usually costs that come with defending an action by regulators. This covers the costs associated with insufficient security or “human error” that may have led to a privacy breach. Examples may include an employee losing a laptop or e-mailing a sensitive document to the wrong person. However, this type of coverage is not just limited to governmental and healthcare-based privacy breaches. It can also be useful for nongovernmental regulations that intersect with the payment card industry and are subject to PCI standards.
- Liability coverage: This type of coverage protects the policyholder and any insured individuals from the risks of liabilities that are a result of lawsuits or similar claims. Put simply, if you’re sued for claims that come within the coverage of the insurance policy, then this type of coverage will protect you.
There is a range of types of cyber insurance liability coverage, which include:
- Privacy liability: This applies to the costs of defense and liability when there has been a failure to stop unauthorized use/access of confidential information (which may also include the failure of others with whom you have entrusted data). Coverage can also extend to include personally identifiable information and confidential information of a third party.
- Security liability: On a higher level, this type of coverage applies to the costs of defense and liability for the failure of system security to prevent or mitigate a computer-based cyber attack, which may include the propagation of a virus or a denial of service. An important note – failure of system security also includes failure of written policies and procedures (or failure to write them in the first place) that address secure technology use.
- Multimedia liability: This type of coverage applies to the defense and liability for a range of illegal activities taking place in an online publication, such as libel, disparagement, misappropriation of name or likeness, plagiarism, copyright infringement, or negligence in content. This coverage extends to websites, e-mail, blogging, tweeting, and other similar media-based activities.
- Cyber extortion: This type of cybercrime event is generally a form of ransomware attack, in which a cybercriminal keeps encrypted data inaccessible (or, alternatively, threatens to expose sensitive data) unless a ransom is paid. Coverage of this type addresses the costs of litigation and support for threats related to interrupting systems and releasing private information.
Will Cyber Insurance Mitigate The Damage Of Ransomware?
As mentioned above, no, most cyber insurance policies will not cover the ransoms you’ll be expected to pay if infected with ransomware. Furthermore, it’s important to remember that even if you pay the ransom, there’s a good chance you won’t recover your data and will be a likely target for a follow-up attack.
That’s why you need to invest in protection as well. You can’t expect a cyber insurance policy to keep you 100% protected. Think of it this way: even though you may have a comprehensive car insurance policy, that doesn’t mean you would drive recklessly, or leave the key in the ignition and the doors unlocked when you park it, right?
How Can You Defend Against Ransomware?
The best way to defend against ransomware is to work with an IT company (like Lan Infotech) whose team can implement a range of cybersecurity protections that will keep your data protected and your business in operation, no matter what happens:
- Access Controls: Access controls should be configured so that shared permissions for directories, files and networks are restricted. The default settings should be “read-only” access to essential files, with limited permissions for write access to critical files and directories. Furthermore, only those needing local admin rights are to be provided with that access.
- Firewall: Your firewall is your first line of defense for keeping your information safe. A firewall is a particular type of solution that maintains the security of your network. It blocks unauthorized users or suspicious connections from gaining access to your data. Firewalls are deployed via hardware, software, or a combination of the two.
- Network Monitoring: Your IT company should be keeping an eye on your systems around the clock, identifying any suspicious activity and addressing it immediately to prevent any negative effects.
- Data Backup: If you have a data backup solution, then it doesn’t matter if your data has been encrypted. You can just replace it with your backup, simple as that.
That’s why you should make a considerable investment in a comprehensive backup data recovery solution so that you can restore your data at a moment’s notice when necessary.
Be sure to:
- Back up data on a regular basis, both on and offsite.
- Inspect your backups manually to verify that they maintain their integrity.
- Secure your backups and keep them independent from the networks and computers they are backing up.
- Separate your network from the backup storage, so the encryption process is unable to “hop” networks to the backup storage device. This keeps your backup data from being encrypted.
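One way to support the integrity check in the list above is to record a SHA-256 manifest when a backup is written and compare against it later. This is an added example, not part of the original article; the function names and the sample files (created in a temporary directory) are constructed for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large backup archives do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(backup_dir):
    """Map every file under backup_dir (relative path) to its SHA-256."""
    root = Path(backup_dir)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_backup(backup_dir, manifest):
    """Compare the backup as it is now with the manifest taken at backup time."""
    current = build_manifest(backup_dir)
    shared = manifest.keys() & current.keys()
    return {
        "missing": sorted(set(manifest) - set(current)),
        "unexpected": sorted(set(current) - set(manifest)),
        "modified": sorted(n for n in shared if manifest[n] != current[n]),
    }


def demo():
    """Constructed sample: a clean backup, then the same backup after tampering."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "db").mkdir()
        (root / "db" / "customers.bak").write_bytes(b"constructed sample data")
        (root / "files.tar").write_bytes(b"constructed sample archive")
        manifest = build_manifest(root)  # in practice, store this elsewhere
        clean = verify_backup(root, manifest)
        # Tampering as an encrypting process would leave it: content
        # overwritten in one file, another renamed with a new extension.
        (root / "files.tar").write_bytes(b"\x00\x9f overwritten")
        (root / "db" / "customers.bak").rename(root / "db" / "customers.bak.locked")
        return clean, verify_backup(root, manifest)


if __name__ == "__main__":
    clean, damaged = demo()
    print(json.dumps({"clean": clean, "damaged": damaged}, indent=2))
```

Keep the manifest on storage that is separate from the backup itself, so that anything able to alter the backup cannot also rewrite the record it is checked against.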
What’s The Best Way To Protect Yourself Against Ransomware?
When you’re not sure if you have the skills or knowledge to get the job done, what can you do? Consult with cybersecurity professionals like those on the Teamspring team.
We use Huntress Breach Detection, which provides accurate and automated breach detection capabilities, making sure that no ransomware, viruses, or other threats penetrate your systems.
Whether it’s conventional malware such as trojans, ransomware, worms, and backdoors, or memory-only malware, Huntress will notify us when one tries to infect your systems, so we can make sure it doesn’t.
Get in touch with the Teamspring team to get started with preventative ransomware protection.