policyholders may face 10% interest rate hikes on their cyber insurance in the new months due to the growing losses associated with ransomware attacks, and coverage restrictions may also be in place, says one expert.
"had to adjust pricing" to make coverage more sustainable, says Bill Siegel, CEO and founder of Norwalk, Connecticut-based Coveware Inc., a ransomware incident management company.
He was one of the speakers on a panel on ransomware during Minneapolis-based Professional Liability Underwriting Society Virtual Annual Conference Monday.
Mr. Siegel said that depending on what happens when reinsuring, insurance companies can introduce sublimits, adjust retentions or add co-insurance so that insureds have "more skin" in addition to possible interest rate increases. insurers. "
Insurers must also decide whether the right questions are being asked about issues such as multifactor authentication and backups, he said.
is considered equivalent, "he said.
There is a" big difference "between an independent policy which is designed to manage risk and add cyber coverage as a support to another policy, he said. If the latter is the case, "you may be disappointed if that is what you trust," he said.
Mr. Siegel said it was important that policymakers, regulators, legislators and public and private companies recognize that "this is an industry you are against", not a person sitting in his basement. It is large, mature and highly distributed, and "right now it is too profitable," he said.
He said that the way to attack it is to make it less profitable, even if there is no "magic bullet."
Ransomware is distributed in two different ways, he said. One is from a close-knit, small group of ransomware developers who use it exclusively and do not allow anyone else to do so. These "tend to be the more technologically sophisticated groups," Siegel said.
The second type involves developers who have realized that it is "much more profitable for them not to pull off the attacks themselves" but allow many affiliates, with whom they distributed the proceeds to carry out the attacks to them, he said.
Mr. Siegel said that the targets of ransomware attacks are still disproportionately small companies, usually with less than 200 employees, although many large public companies are also attacked.
He said that while the larger companies tend to have insurance and "get over it, it is the small companies that are really affected by it and sometimes do not recover."
Panelist Lindsay B. Nickle, a partner with Lewis Brisbois Bisgaard & Smith LLP in Dallas, said that about a year ago, in addition to assuming that corporate file control, cybercriminals also began to filter out data from corporate systems and seek money not only to obtain the encryption key but also to prevent its publication. data.
This puts cyberattack victims in a difficult position, because when criminals have customer or employee personal information, companies have an obligation to pay to protect them, but it makes it harder to control the solution to ransomware, Nickl said [1
"These are smart criminal groups, and so they have found another way to trigger payments of money so that they can benefit from and make money from this activity" by adding another component, wife. Nickle said.
She advised companies to prepare for the possibility of a ransomware attack by conducting table exercises and by deciding who should be involved in deciding if an incident occurs.
These must be the right stakeholders, who are "efficient and fast", she said. If this net is thrown too wide, "it can keep the process down." 19659002] The session was moderated by Austin Bockwinkel, Chicago-based CEO of Hauser Group, a risk advisory, insurance services and mergers and acquisitions company.