Impact on Insurers
SC Magazine neatly summarized the challenge facing insurers and their SMB clients. “The FBI reported that in 2020 because of the pandemic, ransomware attacks skyrocketed 400% over the previous year, with ransom payments moving from thousands to millions of dollars… A single change like this in the threat landscape completely changes the risk equation of any company.”
For years, each cyber insurer has granted policies based on a unique, proprietary risk questionnaire. To make a finer point, every breached company claiming cyber damage had successfully answered their insurer’s risk survey. With the rapid rise in claims paid out, “insurers need to spend time and money developing more accurate risk profiles, so they can offer policies that are profitable for them and useful to customers.”
Based on recent conversations with several leading cyber brokers, insurers are going beyond improving their questionnaires and are beginning to decline coverage for companies unable to prove that they have taken basic measures to prevent attacks. Other innovative practices such as adaptive cyber policies are likely to become mainstream. A recent Forbes article says, “As the industry begins to better understand cyber risk, better data will be available surrounding the connection between preventative behavior, such as implementing better security controls, and the behavior’s impact on companies in the case of a cyber event. This could lead to month-by-month premiums or credit mechanisms for add-on services based on a reevaluation of the risk and rewards for positive behavior.”
Advancing the State of the Art
Increasingly severe and frequent cyberattacks combined with greater demands from insurers for better risk mitigation are forcing SMBs to look for innovative technical solutions. Basic perimeter protection like firewalls and endpoint protection like anti-virus must be kept in place, but those measures alone have not prevented the dramatic rise in debilitating ransomware payouts.
Businesses need new technical solutions that provide more direct relief than the current state of the art. Monitoring suspicious network activity is helpful, but it often generates more work than small IT staff can handle. New layers of technology that immediately neutralize threats are needed to bring a new level of resilience and protection to businesses and a manageable level of risk for cyber insurance underwriters.
There’s no silver bullet solution with cybersecurity; a layered defense is the only viable defense.
James Scott, Sr. Fellow
Institute for Critical Infrastructure Technology
Bob Barker is a contributing author to INTRUSION specializing in the insurance space. He is a strategic partnering and cybersecurity strategist. He is the founder of Partnering Source, as well as a co-founder and chief strategy officer at Cybernance Corporation. He also serves as a strategic advisor to innovative technology companies, including Intrusion Inc., a public AI-powered cybersecurity company. He has written extensively for numerous business publications, including Westlaw Journal, Directorship (National Association of Corporate Directors), TexasCEO Magazine (The American CEO), Advisen’s Front Page News, and Information Management, and he has been quoted in The Wall Street Journal and Forbes.
Ready to get protected?
INTRUSION Shield is inexpensive enough to be affordable to every business, large or small. For a small fee per seat, per month – with no annual contract and no hardware to buy – you can get immediate protection.
Get your free report
Simply enter your URL and get a detailed report emailed to you.