Intelligent CISO Issue 51 | Page 42

Research by Orange Cyberdefense shows that the number of cyberattacks targeting businesses increased by 13% between 2020 and 2021, with manufacturing, professional services and retail hit the hardest.
a ransom outright. The average ransom paid by mid-sized organisations was US$170,000.
In a typical ransomware attack, malicious hackers encrypt data until a ransom has been paid. For those that have ransomware insurance, the insurer often pays the ransom and compensation for business downtime and data recovery. For those organisations that have insurance against ransomware, when the ransom is paid to get the data back, 94% of the time it is the insurance company that pays.
One key challenge for today’s security value chain is the fact that, unfortunately, cyber-insurers and cybersecurity incident response teams (CSIRTs) are fighting over the same budget from customers. Thankfully the market has moved on from the situation five to 10 years ago when some, less mature, organisations would include security tools and services more generally in the same budget category.
This improvement has been driven by an increasingly prescriptive approach from cyber-insurers as to the baseline security controls they expect to see in place before they are willing to provide coverage. The fact remains that cyber insurance and incident response functions should both be perceived as stakeholders in a team that needs to work together. One is needed to assess, manage and prevent cybersecurity-related emergencies, as well as coordinate the incident response efforts after an event has taken place. The other is needed to seek financial compensation after the event has finished and once the damage can be properly assessed.
Mind the gap
As the cyber insurance market matures and hardens following a surge in losses, CSIRTs can potentially fill the gaps in cases where businesses are left exposed in their preparedness.
With many cyber-insurers starting to see their costs rise in line with the intensifying threat landscape, they are rightfully looking at means by which they can start to bring these costs back under control. Among other tactics, there are three key themes to this approach: to better quantify their customers’ levels of risk; to become more specific in terms of the security tools and services policy holders are expected to adopt in order to qualify for coverage; and to become more specific in terms of what does and does not fall under coverage of their policies.
The huge rise in prices for cyber insurance is a wake-up call for all sections of the industry to work better together. As partner stakeholders in the cyber insurance ecosystem, both cyber-insurers and CSIRTs are dependent on each other and should be working together to achieve a mutually beneficial balance.
Cybersecurity should be at the forefront of priorities for all chief executives, regardless of whether they have separate cyber insurance policies to mitigate their losses. Whatever their specific circumstances, senior figures within every organisation should remember the following: