Businesses are facing cyber security threats on a daily basis, with no end in sight. Due to these growing threats, insurance companies began offering businesses cyber security insurance. Depending on the policy, it may help cover the costs of informing customers of breaches, restoring networks, replacing damaged devices, and even paying the ransom demands of hackers.
This may be perceived as a sound investment given the probability of suffering a cyber attack. However, having cyber security insurance may make the business a bigger target for cyber attacks.
How Cyber Security Insurance Works
Cyber security insurance policies vary based on coverage. Additionally, the cost of these plans will differ based on the following:
- Number of employees
- Projected revenues
- Compliance requirements (PCI DSS and/or HIPPA)
- Amount of business outside of the U.S.
- Security solutions installed
- Encryption of data
- Backup procedures
- History of breaches, hacking, malware infections, etc.
- Number of clients/employees personal identifiable information is stored for
Insurance companies use this information to weigh the projected risk of a cyber incident occurring and scale the pricing of the policy accordingly. This is a similar risk methodology to what is used for pricing automobile or home owner’s insurance policies.
To Pay or Not to Pay?
Ransom demands have grown to hundreds of thousands of dollars, and often times there is no way a business can afford to pay. Therefore, the demand for cyber security insurance rises. Businesses would rather pay a few thousand dollars for insurance protection on an annual basis than have to worry about becoming the next ransomware victim and pay hundreds of thousands of dollars.
But what if having cyber insurance makes you a bigger target? Theoretically, if a business has cyber insurance, the likelihood of paying the ransom demands is far greater because they have a policy that will help cover the costs.
Down the Rabbit Hole
Businesses feel the need to obtain cyber security insurance because of the growing cyber risks and ransom demands if they fall victim. Yet, paying the ransom demands increases the likelihood of more ransomware attacks. Additionally, having cyber security insurance makes the business a bigger target.
But, how would cyber criminals know if a business has cyber insurance?
They could breach the network of insurance companies. Considering the alarming number of security breaches that occur daily, this isn’t far fetched. If hackers can worm their way into an insurance company’s network, they can view what businesses have cyber security insurance. From there, they can launch targeted attacks at these businesses. Bing, bang, boom — it’s a quick payday.
It seems like there is no hope, right? Antivirus solutions are failing, cyber security insurance puts a target on your back, and some ransomware variants even corrupt backup files. So, what exactly are you supposed to do?
It’s quite simple. First, all backup files should not be connected to the network. Second, deploy application whitelisting. Using a whitelist, only known, trusted programs can execute. Therefore, it doesn’t matter if an employee clicks on a malicious link, or tries to download a bad file or attachment — when the malware attempts to install, the whitelist will block it.
But what about new, never before seen malware, will that be blocked? Yes. How? Because it is an unknown file. It has not been tested and proven to be safe, therefore, it will not be permitted to execute.
2,573 total views, 1 views today