1 (306) 502-1116

Cyber insurance claims are putting firms under increasing pressure

Tillman Hodgson

“…Only two types of companies exist: those that have been hacked and those that will be hacked…” What category does your organization fall into? That opening quote is an alarming line from a 2021 report from Howden, a leading international insurance group. Indeed, according to Howden, we’re living through multiple pandemics. Not only are we […]

“…Only two types of companies exist: those that have been hacked and those that will be hacked…” What category does your organization fall into?

That opening quote is an alarming line from a 2021 report from Howden, a leading international insurance group. Indeed, according to Howden, we’re living through multiple pandemics. Not only are we living through the COVID-19 pandemic, but we’re also suffering through a ransomware pandemic:

“2020/21 will forever be synonymous with COVID-19. But it will also be remembered for another (digital) pandemic that has transformed the cyber threat landscape: ransomware. The frequency and severity of ransomware incidents have grown considerably over the last year, with cybercriminals deploying new tactics and techniques to achieve one simple goal: to make money…”

The report talks of rampant ransomware with attacks in the fourth quarter of 2020, with incidents up 170% compared to the first quarter of 2019. Moreover, ransomware costs rose 145% in 2021 compared to 2020, with insurance rates also climbing by 30%. 

Due to soaring risk and claims, more and more insurers are raising their premiums and adjusting their policies. For some, this even includes the requirement to demonstrate a functioning security program and to show that technical controls are in place. For those with a previous claims history, insurance companies may even deny renewals. According to a Reuters report from summer 2021, AIG is one of the insurers who have raised their premiums: 

“American International Group Inc is tightening terms of its cyber insurance, noting that its own premium prices are up nearly 40% globally, with the largest increase in North America…”

The elevated risk is impacting many industries, as the Howden report explains:

“…Exposures are growing rapidly and now cut across virtually every aspect of business. Whereas risks were concentrated initially around third party data protection and privacy liability, more recent incidents point to a shift towards first party extortion, business interruption, reputational harm and even physical damage. The surge in ransomware has been one of most consequential developments of the last 12 months, bringing about a sea change to the frequency and severity of attacks, and the cyber risk landscape more generally…”

That all sounds terrible, of course. So what can you do? Back to the Howden report: “The importance of being prepared for a cyber attack cannot be overstated.” 

Be prepared!

Just as no driving school can genuinely promise that you’ll never get in an accident if you decide to learn with them, so it goes for cybersecurity. Unfortunately, no cybersecurity infrastructure in the world is 100% secure. Threats exist everywhere and with increasing regularity.

Yet, sensible driving can mitigate your risk of getting in an accident. And practical data security protocols and robust infrastructure can also help to reduce your risk of a cyber attack. Consistent backups can also reduce data loss and disruption in the event of a ransomware issue.

With insurance costs surging, mitigating your risk is going to become even more valuable. For example, imagine being able to show you’ve been breach-free for five years. That would likely reduce your premiums. Moreover, as mentioned, we’ve even heard of some organizations being unable to secure cyber insurance due to their risk levels.

Of course, reducing your risk is also better for your customers, PR and shareholders. Ultimately, it’s better for your bottom line—no matter your size or field. So if you’ve been putting off looking at your data security infrastructure, now is the time to act. We offer a no-judgement, no-obligation consultation and would be happy to review your needs with you. If you’d like to chat, please reach out.

Disclaimer

While we have made every effort to present accurate, unbiased and helpful information in this article, please note that it reflects the author’s opinion and is written for the purposes of general knowledge, information and discussion. This article is not intended as legal advice, nor should it be considered as advice specific to your individual data security situation. If you would like to discuss your cybersecurity needs in specific detail, please get in touch with us.

Ready to learn more?

Third Party Security: Who’s Minding Their Store?

Third Party Security: Who’s Minding Their Store?

Giant Tiger made the news this month with a security breach related to a third party. The discount retailer used another company to manage customer engagement and communications. Customer data, including contact information and home addresses were compromised, leaving Giant Tiger with the task of contacting customers to warn them of phishing emails and phone calls likely to ensue as a result.

read more
Stopping the Leaks: How to Play Safe on Today’s Internet

Stopping the Leaks: How to Play Safe on Today’s Internet

Sara finds an email in her inbox, notifying her that she has been the victim of a data leak through one of her social media accounts. Brad gets a similar email, letting him know that his private information is no longer secure after his favourite online store experienced a security breach. These types of notifications are almost commonplace as cybercriminals become increasingly sophisticated in their attacks on the networks that hold our data. In fact, there have been over 26 billion records exposed in what Canadian cybersecurity researchers are terming a “supermassive leak”. 

read more