IT environments are simply too complex and too dynamic for self-attestation, based on manual processes, to ever work. Without continuous monitoring to accurately assess compliance to cyber insurance requirements, organizations remain at risk.
Leading insurer Lloyd's of London has issued a dire warning about a potential cyber attack scenario on one of the world's major payments systems, estimating that the global cost would total about $3.5 trillion and that much of the recovery cost would not be covered by insurance policies.
Report shows cyber insurance coverage continues to become harder to obtain even as demand and prices continue to increase. For some small businesses, even a meaningful level of partial coverage might be out of reach at this point.
Cyber insurance only forms part of the puzzle in bolstering cyber resilience. Even with cyber insurance, businesses must not consider themselves immune from ransomware attacks. They must still implement cyber hygiene practices as part of a holistic data protection and recovery strategy.
Victory for Pharma Giant Merck in NotPetya Cyber Attack Suit Redefines “Act of War” Insurance Claims
Victory for Merck in the long-simmering suit on the 2017 NotPetya cyber attack means that cyber insurers now have much less ground to stand on when denying insurance claims on an "act of war" basis.
In today’s cyber security environment, organizations always strive for getting the best return on investment when shopping for cyber insurance. Companies desire low-cost policies without accurately assessing risk. Insurers want low risk and to cover as little as possible. How did we get here and where do we go?
In late December last year, Mario Greco, the chief executive of insurance giant Zurich sent shockwaves through the business world when he announced that cyberattacks are set to become uninsurable. Cyber insurance providers are left with no choice but to tighten their policies, or risk going bankrupt.
The UK financial regulator found that cyber insurance firms "mostly" weathered the stress test, in the sense that only a small number reported concluding the scenario with an amount of funds on hand that would put them beneath national solvency capital requirements.
2020 and 2021 were record years for ransomware payments at about $765 million. The take collected by ransomware operators is now down 40% to $457 million in 2022.
Things have been tough recently in the cyber insurance industry. Businesses have a difficult time finding affordable policies while underwriters struggle to return loss ratios to profitable levels. These challenging times, however, are forging a resurgence in cyber business intelligence.