Do you know if your current cyber insurance is right for your business?
Cyber insurance prices have seen an increase of up to 40%1 in the past year due to ransomware attack numbers and frequency exploding in 2020. Hundreds of Australian businesses of all sizes and across all industries have been impacted by extortion attempts of various levels of sophistication - with ransoms ranging from the thousands to the millions.2
Start your renewal conversation with cyber as early as possible
Businesses that do not have adequate risk mitigation in place, may find themselves uninsurable. This is why, as you approach the renewal of your business’ insurance program, taking the necessary steps to assess if you have adequate insurance and risk controls in place is vital in an evolving cyber risk landscape. We recommend consulting early with your Aon Client Manager.
What would the financial impact be if you lost the ability to access company data and files?
Each year, Ransomware continues to fill headlines, attackers are getting more sophisticated in both their attacks and the selection of potential targets. Continuously finding different ways to compromise businesses with crippling attacks that can wipe out valuable company data, taking over computer networks and demanding a payment to hand back control.
These attacks continue to get more sophisticated in addition to the frequency and severity businesses are now having to deal with over the past two years.
Why you need to take notice of ransomware
- Business interruption is highly likely. At the close of 2020, seven in ten ransomware attacks involved the threat to leak exfiltrated data globally4, and some variants threatened to auction stolen data.
- Ransomware is no longer confined to the simple model of ‘pay to decrypt’, and data may be extorted, breached, or even erased.
- There has been an emergence of data destruction in which servers or clusters of data are permanently wiped.5
What are the minimum requirements to protect your business that insurers require?
Underwriters are asking for more proof from clients on cyber security measures and looking to see tested business continuity management and disaster recovery plans in place. Businesses that don’t have adequate risk mitigation in place may find themselves uninsurable.
The minimum risk controls insurers require are:
- Multi-factor authentication
- Endpoint detection and response
- Network segregation
- End of Life software / Unsupported software remediation and monitoring
If your renewal is approaching, what are your options?
Aon has the capabilities to help you with your cyber risk management
Experts say 2021 will continue to see attacks in Ransomware, Supply chain risk, Business email compromise and attacks against operational technology. Protection against cyber threats is now more important than ever.
If your insurance program renewal approaching, getting the expert advice on cyber risk and discussing your options with an Aon Client Manager can help understand what cyber risk controls and incident response plans are required, as well as discuss a cyber insurance solution suitable for your business. Start the conversation today.
Steps you can take now
It’s critical to demonstrate concrete risk mitigation actions, or your business might be subject to higher cyber insurance premiums. Identify the cyber risks and threats, mitigate risks as appropriate through these best cyber practices:
- Well-prepared incident response process – Establish steps to reduce your organisation’s exposure footprint and minimize the impact of data exfiltration.
- Tested business continuity management plan - Ensure you’re working with cyber security professionals to identify vulnerabilities and assist with breach response.
- Disaster recovery plans - Mitigate risks as appropriate through best cyber practices, prepare and be ready for incidents
- Understanding your ‘crown jewels’ - valuing those assets and ensuring appropriate controls be applied to those assets
- Data management - Data Classification, Data Retention and Data Destruction policies.
Find out what cyber insurance are available
- Cyber Pulse Podcast: 2021 Cyber Insurance Market Snapshot https://aoninsights.com.au/cyberpulse-insurance-market-snapshot/
- Aon 2021 Cyber Security Risk Report
- “Ransomware Payments Fall as Fewer Companies Pay Data Exfiltration Extortion Demands,” Coveware Ransomware Marketplace Report, Q4 2020, https://www.coveware.com/blog/ransomware-marketplace-report-q4-2020