Cyberattacks continue to dominate news headlines, driven by a surge in ransomware events, which increased by an overwhelming 148% in 2021. The perpetrators of these attacks now demand multimillion-dollar ransom payments as they cripple a business’s operations, bringing them to a standstill until a payment is made.
As cyberattacks become more prolific, related insurance claims follow, meaning underwriters have been able to identify a correlation between certain controls and corresponding cyber incidents. Through this analysis and the continuous examination of relevant data points, the insurance industry has a rich understanding of the technical steps that organizations can take to build their cyber resiliency.
However, due to the growth in attritional losses, consequently insurers are now taking a much more cautious position. Insurers are tightening their underwriting terms, carefully analyzing all cyber insurance applications, and asking more questions than ever before about an applicant’s cyber operating environment and risk controls.
The adoption of certain controls has now become a minimum requirement of insurers, with organizations’ potential insurability on the line. Organizations are undoubtedly placing more emphasis on controls than ever before to help mitigate their ransomware risks and improve their overall cybersecurity position and resilience.
Organizations are recommended to implement a number of cyber hygiene controls that are key to achieving cyber resilience and insurability.