A Rise in Cyber Crime and Cyber Insurance Rates Highlight the Need for Improved Incident Response
2020 was a tumultuous year that saw a rise in cybercrime. The FBI’s Internet Crime Complaint Center (IC3) reported a huge increase in complaints – a 300% increase just a few months into the COVID-19 pandemic. Much of this is related to the increase in telework which poses a higher risk for cyberattacks. Many companies have moved over to the cloud and have signed on to work with managed service providers (MSPs) or infrastructure as a service (IaaS) services.
We have seen what the rise in cybercrime and increase in cyber claims activity have done thus far to cyber insurance rates. The Council of Insurance Agents & Brokers (CIAB) Q4 2020 Commercial P/C Market Survey reported one of the highest premium increases out of all lines of business at 11.1%. They noted that this was unusually high based on historically smaller increases of about 1% or less.
Carriers are nervous about ransomware attacks. Earlier this year, we wrote about ransomware attacks and how they have grown in frequency, complexity and severity. Since they are on the hook for these increasingly costly ransomware attacks, rises in premiums are not totally a surprise.
With all of this in mind, we recommended that businesses focus on the incident response area of their cybersecurity programs. As Leaders Edge reports, this is an often overlooked area, and “lack of a fully developed and tested incident response plan can result in increased business interruption, loss of market share and business partners, damage to reputation, regulatory investigations, and lawsuits.”
A strong and comprehensive incident response plan should accommodate remote work and shifts to third-party IT providers. Conduct a review of your plan, if you have not already, and make sure that it is revised to include internal and external players. Note that underwriters for cyber liability insurance policies are looking more and more at what preventative measures organizations are doing to protect against cyberattacks, including incident response planning.
Rose & Kiernan, Inc. is here to review your current cybersecurity insurance coverage to make sure that it is valid in the instance that third-party IT providers are processing and storing your businesses data or if they are responsible for your system’s security. We stress now, more than ever, the importance of cyber liability insurance to protect your business and your online data.