Few businesses have ransomware coverage with limits above $600K
A typical data breach costs an average of $2.4M to investigate and recover from, according to Forrester Research.
The sense of dread caused by ransomware runs deep and businesses are increasingly worried about how to handle the risk. However, just 19% of companies have ransomware coverage limits in excess of $600,000, a survey by BlackBerry and Corvus Insurance found. The average cost to investigate and recover from an attack is $2.4 million, according to a report from Forrester Research.
The survey also found that 59% of business owners hope the government will cover damages for future nation-state attacks.
Although small- and medium-sized businesses (SMBs) have become more frequent targets, only 14% have coverage limits in excess of $600,000. Half of SMBs hope the government will increase financial aid in all ransomware incidents.
In addition to limit challenges, many businesses’ cyber policies aren’t designed to meet current threats, according to BlackBerry and Corvus. More than one-third aren’t covered for any ransomware demands, while 43% aren’t covered for costs such as court fees and employee downtime.
“Not only are there more ransomware threats than ever, but the criminals are more ruthless. They will iterate threats and wait patiently in order to extract maximum damage,” Shishir Singh, executive vice president and CTO, cybersecurity, at BlackBerry, said in a release. “For uninsured and underinsured organizations, this potentially puts them in extreme jeopardy. The cyber underground is increasingly sharing learnings and partnering to make threats as efficient as possible. It’s vital businesses strengthen their security posture against these threats by supplementing insurance with a prevention-first software approach that lowers their overall risk.”
Regarding software, around one-third of companies reported being denied coverage because they couldn’t meet specific endpoint detection and response (EDR) software requirements. EDR systems use data analytics to detect suspicious behaviors, provide details on the incident, block malicious activity and provide remediation solutions, according to Gartner Peer Insights.
While EDR and other requirements serve as barriers to entry for 34% of companies, these requirements have a real-world impact on reducing ransomware payouts. Corvus CTO Vincent Weafer said there has been a 50% reduction in the ratio of ransom demands that end up being paid in the company’s portfolio due in part to software requirements.
“Though it might sound counterintuitive, continuing to adhere to software requirements is one of the best ways to fight the ransomware industry,” Weafer said in a release. “Better software adoption is a critical element in better positioning organizations to stand up to attackers.”