Cyber-attacks reached record numbers in both intrusions and cost in 2021. Cybercriminals are extremely sophisticated, making it difficult for companies to stay ahead of security best practices. Nearly all companies face risk and require coverage, but cyber policies are complex and managing through a breach is even more so.
Last month, Newfront invited leading experts in cybersecurity, privacy, and insurance to discuss security best practices. Panelists, Casie Collignon, Cybersecurity and Privacy, Partner, Baker Hostetler Tyler Gerking, Cybersecurity, Privacy and Insurance Recovery, Partner, Farella Braun + Martel, and M. Scott Koller, Privacy and Data Security, Partner, Baker Hostetler, touched on those and explored market trends, reviewed cyber liability insurance, and shared approaches for rapid response plans.
Here are some of the key takeaways from their conversation:
- Up until 2-3 years ago, the cyber liability marketplace was competitive, it is now tightening with coverages being limited, higher retentions are required, and significant premium increases have occurred.
- After many years of phishing being the leading cause of losses, network intrusion become the leading cause in 2021.
- Ransomware attacks have now become “double extortion” as there is both a ransom to get the encryption key and the threat of data theft with the added peril of making the data public.
- It is important to understand where the threat has come from as that will help in negotiation and resolution.
- It is critical to employ a ransom negotiation firm to help with:
- Negotiate the difference between demand and ultimate payment (average is close to a 50% discount from initial)
- Clear compliance hurdles for payment (OFAC checks)
- Help with payment itself (Bitcoin or other)
- Don’t make a litigation decision, make a business decision.
- Trust your insurer or broker – report immediately as coverage may depend on the timing of the notification and cooperation.
- Many policies have the requirement that any ransomware payments have the written consent of the insurer.
To watch the webinar replay in its entirety, click here.