Earlier last month, CNA Financial reportedly paid a $40 million ransom after a ransomware attack and the CEO of Colonial Pipeline Co. admitted that his firm paid $4.4 million to a criminal gang after a ransomware attack led the company to shut down its 5,500 mile-long pipeline for nearly a week. It’s not clear whether Colonial Pipeline and CNA are seeking reimbursement from their insurance companies for the ransoms paid. However, increasing number of cyberthreats, especially ransomware attacks, is leading some cyber insurers to take drastic action. A recent report from GAO (Government Accountability Office) describes the current circumstances and challenges faced with regards to cyber insurance. 

Let us take a look at the challenges faced by cyber insurance industry:

Currently cyber insurance coverage varies by industry and entity size. For example one way to understand the extent of coverage is through take-up rates. Insurance take-up rates refer to the percentage of entities eligible for coverage that elect to take it. Take-up rates have increased from 26% in 2016 to 47% in 2020 based on data from Marsh McLennan , see chart below:

Here is a industry-wise view of the above data from Marsh McLennan:

The amount of growing risk has created uncertainty in evolving Cyber Insurance Market. Here are major factors that have contributed to it:

While the cyber insurance space continues to evolve driven by external factors, it is important that businesses take a proactive approach to cyber security rather than a reactive one.

Better to be safe than sorry.

Most organizations tend to focus heavily on the reactive side and are quite light on the proactive part. Read more about this imbalance between proactive and reactive cybersecurity here. Also, check out our guidance on preventing or limiting the impact of ransomware attacks here.

For more details visit our website or write to us at info@threatwatch.io

Leave a Reply

Your email address will not be published. Required fields are marked *