Ransomware attacks have become a critical threat to businesses and organizations everywhere, regardless of size or industry. More than one-third of all companies worldwide have experienced a ransomware attack or breach that blocked access to their data in the past 12 months, according to research from IDC, a market intelligence firm.

This increase in ransomware highlights how important it is for companies to ensure strong protections are in place for their sensitive data, operations and bottom line.


Ransomware on the Rise

Although always a threat in our digitized, data-driven world, ransomware attacks — where hackers break into private computer systems to encrypt and steal data to hold for ransom — have grown in size and scope since the onset of the COVID-19 pandemic.

Cybercrime victims paid $350 million in ransomware payments in 2020 alone, according to a report by the Institute for Security and Technology — a 311% increase over the previous year.

So far this year, the rate of ransomware attacks has accelerated, with nearly daily reports of another high-profile breach or attack, including the recent hacks on global consulting firm Accenture and IT software vendor Kaseya, in addition to attacks earlier this year on oil pipeline operator Colonial Pipeline and meat processor JBS.

Cyber Risk Coverage

As the number of ransomware attacks and other cybercrimes climbs, not only has cyber risk insurance become even more essential for businesses, but it’s also costlier to secure. Rates for cybersecurity insurance coverage climbed 30% by the end of 2020, with premiums potentially rising another 50% through 2021, according to Marsh.

But there’s more to ensuring proper cyber coverage than higher premiums. Insurers are tightening coverage limits, even restricting or placing sub-limits in ransomware coverage, due to the sharply rising risk of more prevalent attacks. Other changes include new co-insurance on cyber coverages to share the cost of any ransomware payments.

Additionally, insurers are instituting greater cybersecurity requirements on companies before issuing cyber coverage.

Improving Cybersecurity Controls

With the rising risk of attacks and stricter requirements for obtaining cyber coverage, businesses must implement several critical changes to better protect themselves from cyberattacks and ensure they meet insurers’ higher standards:

Penetration Testing: Such testing includes simulated cyberattacks to evaluate a business’ cybersecurity and identify risks and security gaps.

Cyber Incident Response Plan: Also known as an IR plan, this is a set of instructions that lays out how a company prepares for, detects, responds to and recovers from cyberattacks. Businesses should use their IR plans in conjunction with penetration testing to determine any gaps in response.

Employee Awareness Training: These trainings help educate employees about cybersecurity issues, including how to identify phishing and social engineering attempts while providing the best practices to properly secure data and network access.

Improved Security Controls: Network security controls are a must for all businesses. At a minimum, these should include endpoint detection and response (EDR) solutions that monitor the devices connected to a company’s network, as well as tested backups and multi-factor authentication (MFA) login methods requiring employees to log in using additional credentials beyond their username and password.

Sunset End-of-Life Software and Devices: Companies should institute a process for sunsetting software and devices that no longer receive security updates. Continued use increases the risk of hackers leveraging potential vulnerabilities to gain access to companies’ systems.

Work Closely with Insurance Broker: Insurance brokers are important resources for businesses and can provide guidance and understanding related to potential cyber risks and associated costs.

As we’ve seen, no company is immune to the risk of ransomware or other cyberattacks. Technological advancements and society’s greater reliance on digital data mean it is no longer a matter of if a business will experience a cyberattack, but increasingly when.

But even with the increased prevalence of cyber risks putting upward pressure on insurance costs, businesses that implement the proper internal protections for their sensitive data and networks will be better prepared to tackle any potential cyber issue.


Preston Pilcher and Tim O’Brien are executives with Lovitt & Touché, A Marsh & McLennan Agency LLC Company.