The legislative Interim Finance Committee was told Wednesday that the increasing number of ransomware attacks in the country have caused a major increase in the cost of cyber-security insurance.
Director of Administration Laura Freed said insurance against such attacks is up more than 500 percent from $70,000 to $481,000 this year.
Even the government has taken some measurements regarding the increase of ransomware attacks. The U.S. Departments of Justice and Homeland Security launched a website called stopransomware.gov to provide resources for people, businesses, and other organizations.
These attacks have become so frequent and so widespread that cyber insurance rates are spiking.
Increase of prices on cyber liability
It’s a sure sign of trouble when leading insurance industry executives are worried about their own prices going up.
Two separate CEOs of major insurance giants remarked in recent weeks about a considerable jump in cyber insurance premium prices: AIG’s chief executive said rates increased by 40% for its clients, while Chubb’s chief executive said that company was charging more, too.
These attacks have become so frequent and so widespread that cyber insurance rates are spiking, with Reuters reporting some premiums increasing as much as 25% in price
Rather than welcoming the trend, Chubb CEO Evan Greenberg offered a warning. Those price increases, he said, still don’t reflect the grave risk that a catastrophic cyber event poses.
In the past year, the evolution of ransomware has radically altered the landscape of cyber insurance, according to analysts inside and outside the industry. Cyber insurance covers a range of ransomware-related costs, like extortion demands, remediation efforts and other losses.
Ransomware now accounts for 75% of all cyber insurance claims, up from 55% in 2016, according to the credit ratings agency AM Best.
Even before the rise of ransomware, though, many analysts maintained that cyber insurance was particularly difficult due to an absence of historical data that complicated the kind of risk forecasting the industry typically uses to set prices. The issue has become severe enough that seven major insurers in June formed a company, CyberAcuView, to combine their data collection and analysis resources.
Now, rates are rising considerably as ransomware attacks increase. One North Carolina school board, for example, recently approved $22,318 for one year of cyber liability insurance — up from last year’s cost of $6,653, or a 235% jump.
Cost control measures
To date, insurers are not tending to offer policyholders the option to scale back their coverage to make cyber insurance rates more affordable. However, there is broad speculation in the industry that this will be forthcoming.
One cost control idea being floated in the cyber insurance market is to separate ransomware coverage from other forms of computer and network insurance. Companies may also be given the option of partial insurance coverage specific to ransomware attacks; high-risk companies with a history of breaches may be forced into this sort of model, which could pay out as little as 20% of the claim in the event of ransomware attacks.
Do you have Cyber Liability?
If the data is lost or compromised by a hacker while in your care, custody, or control, the owners might sue your company for damages. Your firm could also incur substantial notification expenses. States have privacy laws requiring businesses to inform individuals whose personal information has been compromised in a data breach. Do you have cyber insurance for your company? Do you have cybersecurity measures in place? If the answer is no, you must start now. Fill out the form and learn how we can help your business.