What are the elements of this risk and how to protect your business?
Cyber security is one of the most pressing concerns for organizations around the world. According to a study by security firm Sophos, 51 percent of all surveyed businesses were hit by ransomware in 2020 and ransomware attacks have increased on a global scale by 350% since 2018. Companies are looking to cyber insurance to protect their business from the increasing threat posed by the rising occurrence of cyber attacks.
What is cyber insurance? What is ransomware?
Ransomware is a type of malicious software that cyber criminals use to encrypt or block access to all of your data. Once the ransomware has infected your computer or database, it will ask you to pay a ransom in exchange for unlocking or decrypting your data. This increasingly common threat is forcing many companies to go out of business due, including many SMEs in the UAE.
Cyber insurance is designed to protect your business in the event of a ransomware attack. Although ransomware coverage has been traditionally included to a certain degree within standard cyber insurance policies, stand-alone cyber policies that cover ransomware are becoming more necessary.
Not all cyber insurance policies are created equally
Similar to other insurance policies, there are a number of policy options available, at various price points and they offer varying degrees of protection and coverage. Before you invest in cyber insurance you need to look for the key elements necessary to protect your business from the threat of ransomware and other cyber threats.
A robust cyber insurance policy will cover the following elements:
- Ransom payment: First and foremost, your cyber insurance policy should cover the amount of your ransom to regain access to your data and systems. You will need to make sure your potential policy covers the potential risk amount, because you will be left holding the bag for any cost outside of the ransom coverage amount.
- Forensic Expenses: You have determined that data has been compromised and need to investigate what happened, how it happened, and what information was accessed. You want your policy to cover the expenses associated with hiring an outside forensic team to investigate the breach.
- Legal Expenses: If your business falls victim to a cyber attack, you’ll need legal representation to determine the scope of the breaches, as well as to inform you of who will need to be notified (i.e., the government, clients, etc.). You may also need legal representation to defend yourself in the event a legal suit is filed against you as a result of the attack.
- Notification Expenses: When a business falls victim to a cyber attack, you will need to notify anyone impacted by the breach. This expense can include postage, paper, printing, call centers, etc., and it’s important to make sure your cyber ransom policy includes coverage for this fee.
- Regulatory Fines and Penalties: Depending on the circumstances and severity of your data breach, your business may be subject to fines and penalties.
- Credit Monitoring and ID Theft Repair: While not legally required, it is generally agreed that offering these services to the interested parties will reduce potential legal liability, save your reputation, and is generally considered the right thing to do.
- Public Relations Expenses: The manner in which your company reports the breach to the media is essential to restoring your reputation and maintaining the relationships with your clients, business associates, vendors, partners, etc. Adding public relations coverage to your cyber policy can save you this costly expense.
Consult a cyber insurance professional
Understanding how cyber insurance coverage can assist your business in the event of a cyber attack not only protects your financial interests but also saves valuable time in regaining access to blocked data. At Petra, our team of insurance professionals is here to help you determine how much ransomware insurance your business requires, as well as which elements to include in your policy, to ensure you are fully protected from cyber criminals.