No doubt about it, according to the FBI and their recent PSA, high-impact ransomware attacks continue to threaten U.S. businesses and organizations.
It is worth noting that this is the FBI’s second ransomware attack PSA,, as they released a similar PSA in 2016. With new ransomware variants emerging regularly, the ransomware threat has since escalated to a point in which it has become hard to control and manage. The FBI’s PSA offers a list of cyber defense best practices.
Indeed, ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent. This has caused losses from ransomware attacks to increase significantly.
The FBI does not support or advocate paying a ransom to the adversary, in part because it does not guarantee an organization will regain access to its data. However, the FBI does recognize and understand that businesses and organizations must exercise all options, and oftentimes the only option is paying the ransom demand.
When faced with a ransom demand, the FBI is urging all businesses and organizations to report ransomware incidents to law enforcement. Doing so provides investigators with the critical information they need to track ransomware attackers, hold them accountable under U.S. law, and prevent future attacks.
In 2019, there have been many public announcements of businesses and organizations that have used their cyber insurance policy to assist in paying a ransomware demand. Nonetheless, there has been a lot of talk and recent media attention debating whether or not cyber insurance is helping spark more ransomware threats and ransom payments.
As experienced cyber insurance brokers helping clients with their cyber insurance since 2011, our take on this, is that there are many more cyber insurance policyholders today than there was back when we first started in this space. While ransomware coverage has been available in a cyber insurance policy for many years, back in 2011, our clients often opted to exclude this coverage being that it was considered an add-on at that time and the threat was almost non-existent.
We don’t agree with all of the speculation that cyber insurance is increasing ransomware threats. Ransomware threats have really only escalated in the past three or four years, and ransomware coverage is now included in most standalone cyber insurance policies.
There are certainly many more businesses and organizations that have cyber insurance today and when a backup is not available, the last option is usually to pay the ransom demand and move on.
The reason the ransomware threat has escalated is due to the fact that many businesses and organizations do not have a recent backup to restore from in order to prevent have a crippling ransomware attack and will are more likely to pay the ransom demand.
Due to the increased ransomware threat environment, the most important defense for any organization against ransomware is a robust system of backups.
The FBI has pointed out in their PSA that the time to invest in backups and other cyber defenses is before an attacker strikes, not afterward when it may be too late.
Cyber insurance is best utilized as a secondary option and should not be a company or organization’s only option.
Contact us today to request a cyber insurance quote for your business or organization.
You May Like:
The Anatomy of a Cyber Insurance Ransomware Attack Claim
We Help Turn a Complex Process into a Simple One
REQUEST A CYBER INSURANCE QUOTE