INSURING AGAINST CYBERATTACKThey say prevention is better than cure but sometimes, you can't stop being the target of a cyberattack. Is cyber insurance the answer?
Companies are greatly concerned about cyberattacks because a hostile incident can cause a number of disruptive events: loss of revenue; loss of reputation; exposure of confidential and personally identifiable information like names, social security numbers and credit card information; health records; as well as the expense to recover from an attack.
Cyber insurance is typically a general liability policy that can cover some of the financial burden of an attack. One way to understand a general liability insurance coverage is to think of it like automobile insurance. Automobile insurance coverage may not be able to stop you from having a car accident and the fallout that can occur but it can help you with the financial burden.
This is similar to cyberattacks and cyber insurance coverage. The cyber insurance can help mitigate the financial burden of a cyberattack but it can’t anticipate or intervene during a ransomware incident, nor can it insulate businesses from the lost productivity, disruption and discomfort that come with it.
Something else to consider: victims of ransomware attacks who decide to pay the ransom may face government enforced penalties. As noted in a news article, “In the context of a ransomware attack, the victim of the attack, their insurer, a digital forensics organization hired to provide support, a financial institution, or any other involved in the attack response would be prohibited from making any form of payment to the hacker in exchange for the release and/or non-disclosure of the compromised data if the hacker has been designated a malicious actor.”
A COMPREHENSIVE PROTECTION PLAN
Cyber insurance may be a viable piece of a broader protection plan to help deal with the financial aspects of cyber and ransomware attacks. But companies still need to have a well-founded cyberattack prevention and recovery plan to help make an incident less troublesome.
Can paying a insurance help you avoid having to pay a large ransom amount?
Here are some critical steps that are recommended to help protect and prevent cyberattacks as derived in part from a SearchStorage cyber defense best practices article:
- Maintain a defense-in-depth approach to malware protection: use a defense-in-depth approach (layered defenses) to protect your digital assets to include not only malware detection systems but also scanning and filtering technologies for endpoints, network traffic, web content and email messages.
- Educate employees about the risks of social engineering: Ransomware often enters an organization through the inadvertent actions of employees, for example, a staffer falling victim to a phishing attack. Conduct on-going cybersecurity awareness and training programs that reaches all employees on-site and remotely.
- Perform frequent backups of critical data: The purpose of most ransomware attacks is to deprive you of access to critical data until you pay a ransom. Backups can diminish this risk by providing a contingency plan.
OFFLINE PEACE OF MIND
Backups are important but they should also be kept offline — LTO technology is innately offline. When a data cartridge is removed from the tape drive it is no longer attached to the system which creates an air gap between the system and the data. In the event of an attack the tape stored data is not reachable by the cyber attackers and can then be used to recover compromised online data. In addition, attackers may threaten to publically expose sensitive information that they have stolen. Therefore, it’s important to encrypt sensitive data. LTO tape technology supports hardware encryption to protect sensitive information in the event a cartridge was to get into the wrong hands.
Cyber insurance may be a viable component in a comprehensive prevention and protection plan that includes offline backups of critical data helping to protect an organization from worse case cybeattack scenarios. LTO technology can be a critical asset in cybercrime prevention and recovery – See the LTO protection details here.