Safeguard your agency.


Safeguard your agency.

Big "I" E&O Guardian

Love Letters: Break Cybercriminals’ Hearts by Establishing Robust Cybersecurity Protocols and Maintaining Appropriate Cyber Insurance

Print Friendly, PDF & Email
It's not the kind of note you want to receive from a secret admirer: "Dear Business, we have decrypted all your data and blocked access to your computer systems. Unless you pay us millions of dollars, you will remain locked out and we will start posting your and your clients' sensitive data online. Can't wait to hear from you! The 24-hour clock has started! Love, Cybercriminal."

And, before anyone starts to feel too special, in 2020, these not-so-lovely notes have tortured over 2,400 U.S.-based organizations. To make matters worse, the average ransom demand has escalated. In the first half of 2021 it was $1.2 million, a 170% increase from the average demand in the same period the year before, according to cybersecurity insurance provider Coalition Insurance Solutions Inc.

While it is extremely difficult to thwart these attacks or prosecute cybercriminals, cyber experts agree      on a few proactive steps organizations in any sector and of any size can take to minimize the impact of a ransomware event:

1) Back up data in offline, off-site systems. This will improve the ability to restore data without paying a ransom.

2) Establish multifactor authentication (MFA) protocols. This can prevent a bad actor from accessing your network or account. Do not allow any circumvention of MFA—even the C-suite needs to follow the protocols.

3) Conduct frequent cybersecurity training. Human error is still the most common way for cybercriminals to gain entry. Enforce robust password protocols, disallow non-sanctioned electronic devices, and test employees frequently to ensure they do not click on suspicious email links.

4) Implement thoughtful access control. The more access granted, the more leverage an attacker has when compromising an employee’s credentials. Only grant employees access to information that’s relevant to their job.

5) Test your incident response plan. Anticipate and prepare for operational, legal and communication issues that arise during a ransomware attack, including sending immediate notification to your cyber insurer.  

Your cyber insurer can quickly deploy experienced incident response resources to take the crucial initial steps necessary to protect the organization.. And, because decryption and data restoration arising from a ransomware attack can last weeks, cyber policies also can cover business interruption, reputational damage, extra expenses and data restoration.

Of course, cyber policies continue to evolve with cyber risks and exposures, so be sure to review the policies with your clients.  You can’t avoid being the object of a cybercriminal’s affections, but you can break cybercriminal hearts this Valentine’s Day by establishing robust cybersecurity protocols and maintaining appropriate cyber insurance. That way you can respond to the ransom note in the best way: “not interested.”

And by the way, offering cyber insurance to your clients and receiving “not interested” in response is also another great way to avoid an errors & omissions claim as well.

For more information and expertise on cyber claims visit corporatesolutions.swissre.com. . Insurance products underwritten by Westport Insurance Corporation, Kansas City, Missouri, a member of Swiss Re Corporate Solutions.     

This article is intended to be used for general informational purposes only and is not to be relied upon or used for any particular purpose. Swiss Re shall not be held responsible in any way for, and specifically disclaims any liability arising out of or in any way connected to, reliance on or use of any of the information contained or referenced in this article. The information contained or referenced in this article is not intended to constitute and should not be considered legal, accounting or professional advice, nor shall it serve as a substitute for the recipient obtaining such advice. The views expressed in this article do not necessarily represent the views of the Swiss Re Group (“Swiss Re”) and/or its subsidiaries and/or management and/or shareholders.

Print Friendly, PDF & Email
Swiss Re Corporate Solutions

Swiss Re Corporate Solutions

Search Articles:

All Topics:

Claims Advisor Archives:

Trending:

didn't find what you are looking for?

search again

WATCH THIS SERIES ON-DEMAND!

1. The Attorney’s Perspective
Watch On-Demand
2. The Agent’s Perspective
Watch On-Demand
3. The Association’s Perspective
Watch On-Demand
4. The Claims Adjusters’ Perspective
Watch On-Demand
5. The Auditors’ Perspective
Watch On-Demand
6. Wrap-Up
Watch On-Demand

UPDATED
PROCEDURES
MANUALS

COMING SOON

We'll Notify You When This Resource is Ready:

updated
STANDARD OF CARE

COMING SOON

We'll Notify You When This Resource is Ready:

Find articles and pages by using the corresponding search field.
SEARCH FOR ARTICLES:
SEARCH FOR PAGES: