Organizations would like the government to help with ransomware demand costs
Businesses are increasingly concerned about how they will meet ransomware demands. Only 19 percent of those surveyed have ransomware coverage limits above $600,000, while over half (59 percent) hoped the government would cover damages when future attacks are linked to other nation-states, according to BlackBerry Limited and Corvus Insurance.
SMBs, who have become a favorite criminal target, are especially feeling the heat. Of businesses with under 1,500 employees, only 14 percent have a coverage limit in excess of $600,000. A recent Forrester report estimated that a typical data breach would cost the average organization $2.4 million to investigate and recover. Perhaps unsurprisingly, 50 percent of SMB respondents hoped the government would increase financial aid in all ransomware incidents.
“Not only are there more ransomware threats than ever, but the criminals are more ruthless. They will iterate threats and wait patiently in order to extract maximum damage,” said Shishir Singh, Executive Vice President and CTO, Cybersecurity at BlackBerry.
“For uninsured and underinsured organizations, this potentially puts them in extreme jeopardy. The cyber underground is increasingly sharing learnings and partnering to make threats as efficient as possible. It’s vital businesses strengthen their security posture against these threats by supplementing insurance with a prevention-first software approach that lowers their overall risk.”
Many businesses reported cybersecurity coverages that are poorly tailored to their current situation. Over one-third (37 percent) of respondents aren’t currently covered for any ransomware payment demands, while 43 percent aren’t covered for auxiliary costs such as court fees or employee downtime.
At the same time, cyber insurance has become harder to get, due to increased software requirements placed by insurance brokers. Over one-third (34 percent) of respondents have been denied coverage due to not meeting specific Endpoint Detection and Response (EDR) software requirements. These increased requirements however may be having a real impact on reducing ransom payouts.
“Though it might sound counterintuitive, continuing to adhere to software requirements is one of the best ways to fight the ransomware industry,” said Vincent Weafer, CTO at Corvus. “In our portfolio alone, we’ve seen a 50 percent reduction in the ratio of ransom demands that end up being paid. Better software adoption is a critical element in better positioning organizations to stand up to attackers.”