What Insurers Need to Know About Next-Gen Cyber Threats
Insureds seeking carrier or coverage or insurers seeking reinsurance face the same challenges: demonstrating security controls, training and concentration of risk.
Cyber intruders are using the experience of early ransomware efforts to design deeper, multi-layered attacks that combine holding data hostage with the possibility of intentional breaches.
Ransomware developers have begun selling their software to would-be peers, making it more difficult to identify the source by the characteristics of the attacking software.
Insurers seeking profitability in cyber are closing monitoring rate, limits and underwriting.
The decision to pay or reject ransom demands is a complicated mix of identifying the source, evaluating backup plans and remaining compliant.
Characteristics of a ransomware attack reveal much about the source or identity of the attack, which can help determine the likelihood of recovering their data.
Ransomware attacks are expensive, including costs of payment, operational interruptions, data restoration and more.
Insurers writing cyber coverage look to their reinsurer for trends, perspective on risk accumulation, and risk management resources.
Insurers and reinsurers are learning to better distinguish what cyber risks are insurable, high-risk but insurable, or uninsurable.
Some cyber intrusions result in full-fledged data breaches, which trigger mandatory regulatory and legal responses.