Insurers are getting tougher with corporate customers in response to the increasing ferocity and frequency of ransomware attacks. Hackers, criminal groups often supported by state actors, freeze access to an organization’s network or hold its data hostage until a ransom has been paid, exposing insurers to unlimited liability. Some insurers are leaving the cyber insurance market due to exposure.
A steady stream of attacks has led insurers to take a hard look at the premiums they charge. Costs are rising. Insurance broker Aon released data indicating that premiums jumped 27% from 2020 levels from the start of April to mid-May of this year.
“Strikes have shaken the market. Insurers are imposing limits on claims payments and tying payments to policyholders’ actions,” said Glen Shok. He leads strategic alliances at Panzura, a major provider of global file system technologies that make it easier for large organizations to manage and store unstructured data files.
As the ransomware crisis spreads, the company has seen an uptick in demand, according to Shok. “Our customers want to better understand how they can protect their data and also control cyber insurance costs.”
Insurers want to keep data-paralyzing hackers from extorting big trophies from their clients. They are also concerned about the break-even point of cyber insurance payouts. Shok said the economics of ransomware mean attackers are motivated to target organizations that have insufficiently protected their data and networks. “It’s the path of least resistance and the greatest return on investment.”
Shok says insurers are getting more stringent about the controls that are in place for ransomware protection, prevention and recovery. Higher prices are a result of tighter underwriting that takes into account security measures. Inadequate protection and recovery controls will reduce the coverage offered by many insurers, often cutting limits by half.
He advises customers to review their security practices and prepare an analysis of the value and nature of their data before talking to insurers about coverage options. Providing brokers and underwriters with better information may secure better terms.
“Conditions are getting tougher. Low controls mean higher rates and less coverage. Demonstrating higher data resilience may help when negotiating rates, more comprehensive cover and lower coinsurance.”
Panzura works with its customers to provide a Statement of Ransomware Resilience, along with other types of documentation, which insurers can consider when determining terms and premiums. Shok said insurance policies increasingly require policyholders show they have deployed prevention and recovery software that shields networks and data from malware infection.
The Panzura global file system seems right for the moment. Shok said ransomware has become one of the main drivers behind its adoption because Panzura uses an immutability approach to storing data which makes the system inherently resilient against ransomware.
He says enterprise companies have been courting risk by using legacy file systems that do not offer these types of technical safeguards. “Immutable architectures are getting a lot of attention because they make it less likely a company will need to pay a ransom to regain access to their data, even if they are attacked. Data stored in a Panzura filer cannot be encrypted because an unalterable, clean data set is always maintained.”
Shok says the attack surface is significantly wider than it was a year ago, and companies simply cannot do business without putting controls like immutability into place. “Insurers understandably are passing higher coverage costs to customers, but the price has to match the risk. Our goal should be to reduce that risk for both insurers and businesses,” he said.
The U.S. Government Accountability Office recently reported that insurers are avoiding some sectors like healthcare where ransomware schemes have been especially damaging. Federal Reserve chairman Jerome Powell said cybercrimes are the biggest systemic threat to banks and credit markets. Attacks have increased forty-fold, to more than 200,000 each week in little more than a year since April.
As ransomware heats up, insurers are urging companies and even entire industries to vastly improve their defenses. Shok said ransomware is a threat to the global economy, and prices of cyber insurance are an indication that insurers take that threat seriously.
“The ransomware rampage is not just harming the companies that are attacked. It’s spreading pain to the entire economy on so many levels, but we can get this under control. Immutability is a relatively easy way to keep data out of harm’s way and help actuaries determine how to write policies that balance risk with loss.”
Nearly all of the growth in U.S. cyber insurance claims last year is attributed to ransomware incidents, which now account for 75% of all claims, according to a June report. Shok said technology makers, policyholders and insurers equally share responsibility for bringing costs down.
