Created: August 29, 2022 07:55
Cyber risk: A typical data breach would cost the average organization $2.4 million to investigate and recover (file image)
According to a new report, 81% of companies surveyed have a ransomware coverage limit of less than $600,000, which is lower than the median ransomware claim last year.
BlackBerry Limited and Corvus Insurance released the BlackBerry Cyber Insurance Coverage study, showing companies are increasingly concerned about how they will respond to ransomware claims.
Only 19% of respondents have ransomware coverage above $600,000, while 59% of companies hoped the government would cover damages when future attacks are tied to other nation states.
The report says small and medium-sized businesses, a favorite target of criminals, are particularly feeling the heat.
Among companies with less than 1,500 employees, only 14% have a coverage limit above $600,000.
A recent Forrester report estimated that a typical data breach would cost the average organization $2.4 million to investigate and recover.
Unsurprisingly, according to the report, 50% of SMBs surveyed hoped the government would increase financial assistance in all ransomware incidents.
Shishir Singh, Executive Vice President and Chief Technology Officer, Cybersecurity at BlackBerry, said, “Not only are there more ransomware threats than ever, but the criminals are more ruthless. They will iterate threats and wait patiently in order to extract maximum damage.
“For uninsured and underinsured organizations, this potentially puts them at extreme risk. The cyber underground is increasingly sharing learning and partnerships to make threats as effective as possible.
“It’s critical that organizations strengthen their security against these threats by complementing assurance with a prevention-focused software approach that reduces their overall risk.”
The report indicates that many companies have reported cybersecurity coverages that are ill-suited to their current situation.
More than a third (37%) of respondents are currently not covered for any ransomware payment claims, while 43% are not covered for ancillary costs such as legal costs or employee downtime .
At the same time, according to the report, cyber insurance has become more difficult to obtain, due to the increase in software requirements imposed by insurance brokers.
More than a third (34%) of respondents were denied coverage because they did not meet specific endpoint detection and response software requirements. These increased requirements, however, can have a real impact on reducing ransom payments.
Vincent Weafer, CTO at Corvus, said, “While it may seem counter-intuitive, continuing to meet software requirements is one of the best ways to fight the ransomware industry.
“In our wallet alone, we have seen a 50% reduction in the ratio of ransom demands that end up being paid. Better software adoption is a critical part of better positioning organizations to resist attackers. »
BlackBerry commissioned Team Lewis Research to conduct an online survey of 450 business decision makers for IT/security solutions in the United States and Canada. The fieldwork took place from 15 to 22 July.
Shishir Singh, Executive Vice President and Chief Technology Officer, Cybersecurity at BlackBerry
Vincent Weafer, CTO at Corvus