The prevalence of cyber attacks against businesses is only growing, and with it, the importance of cyber insurance is increasing. A cyber threat to a business can not only halt operations, lead to a loss of revenue and cost the company a large sum of money to get back up and running, but it can tarnish the reputation of the business and break the trust between business and consumer. But there has been a new discussion gaining traction recently – that cyber insurance actually encourages ransomware and other cyber attacks. The arguments to this view point are flawed – as we will see – and here at GSK Insurance we aim to show you the importance and value in cyber insurance in today’s digital age. 

Is ransomware targeted? 

An important thing to note in the discussion about the importance of cyber insurance is that ransomware attacks are not ‘targeted’. To target one company or network is time consuming and costly, and doesn’t have a guaranteed success rate for the hackers. Instead, an attack will be launched against a specific – but widespread – vulnerability. In this way, the ransomware is distributed widely in the hopes that someone will take the bait, rather than targeted to one specific potential victim and have a higher chance of failure. Rather than targeting one company at a time, the attackers distribute widespread chaos and hope that something sticks. 

Incentives to pay the ransom

The consequences of ransomware or any form of cyber attack can be huge. A company can face massive losses financially and otherwise if ransomware halts operations or leads to loss of business or customers, and it can cause issues for days, weeks or even months. Oftentimes the loss the business faces from the halting of operations is even larger than the ransom itself. Insurance is vital to absorb these costs, whether to cover the losses as a result of the cyber attack, or to pay the ransom and gain back full business operations. 

It’s your call

Ultimately, it’s up to the insured party to decide to pay the ransom or not – not the insurer. The insurance company will be able to assist with bringing in the right team of experts to assess the situation, recommend a timely response, and begin to recover from the attack. But if the insured party decides against paying the ransom, the insurance company will support this and cover will still stand. 

Education and prevention

Far from just responding after an attack has occurred, cyber insurance also works with the insured party to prevent cyber attacks. During the insurance underwriting process, the insurance company will educate the insured party on the threat of cyber attacks and how to prevent them, as well as raising awareness and identifying how the company should be responding to potential threats. A large number of cyber attacks are through phishing, and insurance companies will look into how the insured party is combating these potential threats. 

Cyber insurance and other risk management

A cyber insurance policy, while vital, should not be your only defence against ransomware and other cyber threats. It’s important to put in place other risk management solutions, to protect your business from cyber threats. These steps include the adequate training of staff to recognise threats, limiting user access, and having sound cyber safety. Your cyber insurance provider will be able to assist you with mitigating and reducing the risk of a cyber attack. 

Cyber insurance claims

Cyber insurance reliably pays claims relating to cyber attacks related to ransomware, disruptions to the network, data breaches, and other cyber threats. If the insured party chooses not to pay the ransom, the insurance provider will pay the related costs in recovering from the attack, and reimburse the business for the income lost as a result of the attack. While we understand nobody wishes to pay the hackers, sometimes the company under attack will make the decision to pay the ransom in order to minimise disruption to their operations and network. Cyber insurance policies will cover these costs, as well as the cost of experts required to negotiate with the hackers. 

Check your policy

Ransomware threats are widespread and target vulnerabilities among many different networks at once. Having in place a sound cyber insurance policy can offer peace of mind against cyber threats – knowing you will be covered against loss of income due to a cyber attack, and will also be able to get back into control much faster. Ultimately, the decision is left up to the insured party as to whether to pay the ransom or not – and your insurance policy will cover you either way. In the digital age in which we live, the threat of cyber attacks is ever-evolving and increasing, and a cyber insurance policy is one of the best ways to combat against hackers, ransomware and other cyber attacks. For more information on finding the best cyber insurance policy for you, get in touch with your GSK Insurance broker today.

March 25, 2021

By Graham Knight

Founder and Managing Director of GSK Insurance (established in 1981). Graham draws upon more than 50 years’ experience in the insurance industry, working in both insurance and broking across various private, public and government sectors in Australia.

Leave a comment

Get a Free Quote Today!