With ransomware attacks exploding and no end in sight, companies have little choice but to shore up their defenses against these attacks.
There are three main approaches: (1) better security, (2) cyber liability insurance, and (3) cyber “response” firms.
Obviously all businesses need to up their security game these days. The biggest vulnerabilities are where humans engage with technology–think of “phishing” attacks where people accidentally open malicious attachments. And in fact, many cyber liability insurance companies will want to check on your systems to make sure your defenses are as strong as possible when providing you coverage against cyber attacks.
The next key step is having cyber liability insurance. Just like no company would go without standard business insurance that covers theft, no one should go without cyber coverage that covers online theft. Security expert David Kennedy, the co-founder of TrustedSec, recently told CNBC that he sees 40-50% of companies who suffer ransomware attacks get some reimbursement because they have cyber liability insurance.
So again, cyber liability coverage can help shore up your defenses; help reimburse funds you may have to pay in a ransomware attack, and some companies (we can tell you which ones) have all-important “cyber response” teams that will assist you in recovering from such attacks and restoring your systems.
Now, there are other types of firms (typically, advisory firms) that offer “cyber response” services, but this is not the same thing that insurance companies offer. These advisory firms might let you sign up for free, but will charge you once their services are needed. It’s a bit like a car repair shop saying “hey, we won’t charge you unless you need us, but once you do, it’s full price.”
Insurance companies, by contrast, have you pay a small amount along the way to avoid huge bills all at once. Advisory firms may act the opposite way. They also may not cover all areas that cyber liability insurance would–such as fraudulent payment (when your business is tricked into paying a hacker, or one of your customers is).