The increasing number of cyber attacks and the damage they cause have led to an increasing demand for cyber insurance. If cyberattacks soon become "uninsurable," as Zurich Insurance CEO Mario Greco said in an interview with the Financial Times, what can companies do to meet this challenge?
More than 400 million US dollars - that's how much damage the data leak at Capital One caused in 2019. And the number of such attacks, which have catastrophic consequences for the companies affected, has continued to increase since then. According to Check Point, in the third quarter of 2022 alone, global attacks increased significantly by 28% compared to the same quarter of the previous year.
Cyber insurers are responding to increased risk
Where cyber risk used to be limited to areas such as data breaches and third-party liability, ransomware attacks have shifted the damage to core business and accountability. Cyber insurers had to react to the increased risk and have adjusted their offers, as an analysis by Swiss Re Insurance shows. The profitability of cyber insurance in the US deteriorated significantly in 2020. The situation has stabilized over the past year as customers have to pay higher premiums and meet stricter terms and conditions. Swiss Re Insurance expects total premiums paid to more than double from $2025 billion to $10 billion by 23.
Zurich Insurance CEO Mario Greco called on governments to create private-public systems to manage systemic cyber risks that cannot be quantified - similar to those that exist in some countries for earthquakes or terrorist attacks.
More expensive and more difficult to qualify
This is bad news for companies, as insurers are becoming stricter and asking for higher premiums. Cohesity's legal experts looked at the leading ransomware insurance policies on the market at the end of 2022 and found: "Ultimately, such guarantees are little more than thinly veiled limitations of liability that benefit the providers - not the customers."
However, there are some measures that companies can use to protect themselves effectively in this new market situation, as Wolfgang Huber shows:
1. The 3-2-1 strategy remains current: keep an isolated copy of the data
Clayton County public schools have been required to quarantine an offsite copy of their production records to qualify for cyber insurance.
To do this, they used the SaaS service Fort Knox, which keeps an encrypted copy of the production data in the cloud, isolated by a virtual air gap. The data stored there is monitored with multi-layered security functions and machine learning, and anomalies are reported immediately.
2. Tear down silos and merge data with zero-trust in mind
In general, companies should consolidate all their distributed data on a scalable data management platform that is itself designed according to the zero trust model. The data is encrypted during transfer and on this storage, access is strictly regulated with rules and multi-factor authentication. In addition, all data stored in it can be managed according to compliance requirements and, thanks to immutable storage, is better protected against ransomware.
3. Improve collaboration between IT and SecOps teams
In addition to these technical measures, companies should optimize the collaboration between their IT and security teams. For too long, many security teams have focused primarily on preventing cyberattacks while IT teams have focused on protecting data including backup and recovery.
Positive impact through data security strategy
A comprehensive data security strategy must unite these two worlds and IT and SecOps teams must work together before the attack takes place. Both teams should be guided by the NIST framework. This holistic approach defines five core disciplines: Identify, Protect, Detect, Respond and Recover.
If a company can demonstrate such a mature data security strategy, this will not only have a positive effect on insurance cover, but will generally reduce the risk of incidents and possible consequential damage through failure or data loss.
More at Cohesity.com
About Cohesity Cohesity greatly simplifies data management. The solution makes it easier to secure, manage and create value from data - across the data center, edge and cloud. We offer a full suite of services consolidated on a multi-cloud data platform: data backup and recovery, disaster recovery, file and object services, development / testing, and data compliance, security and analytics. This reduces the complexity and avoids the fragmentation of the mass data. Cohesity can be provided as a service, as a self-managed solution, and through Cohesity partners.