Malware can have dire consequences for companies, and the worse news is that malware attacks are rising at an alarming rate. According to CrowdStrike’s 2020 report, 56% of respondents report their organization suffered a ransomware attack in the last 12 months. SonicWall reports that through September of 2021, they recorded 485 million ransomware attempts globally.
Are you insured? Now is the time to be. Given the global increase in ransomware attacks, it’s no wonder insurers demand a more proactive approach from companies. Worst case? You don’t get reimbursed for your losses and resolution times suffer.
In this article, we share some tips on what you can do to ensure cyber insurance pays in the event of a claim, and what to do before and after an attack.
Sometimes people answer their cyber insurance questionnaire falsely to try to get a better insurance deal. But let’s be honest: it’s not worth the hassle you may end up creating.
In the event of an attack, the insurance company will deploy IT forensics specialists to verify the truthfulness of your answers. If you falsely answer one of the security questions, the cyber insurance company gets an easy way out.
Some insurance policies are better than others. You must review the extent of what your policy will cover in the case of a ransomware attack, because a ransomware incident can often fall under, and trigger, other types of coverage.
For example, a ransomware insurance policy can also cover these areas:
That’s not all. Ransomware insurance policies may cover events like:
You also want to check the coverage limits for ransomware to verify if the policy will cover your real costs. Review the limits carefully. At a minimum, you want your ransomware insurance policy to cover extortion demands and loss in business revenue during downtime.
Lastly, ask how fast the insurer can respond and approve paying ransoms and other payments. Speed is of the essence. For your business security, you want to ensure they can help you quickly when it matters.
Insurers want to see you have a proactive cybersecurity approach, and they won’t issue a policy if your security is lacking. There are several ways to show a proactive approach, and each insurer has its own approach and requirements.
Most commonly, insurers will look at:
Insurers want to see that you have put measures and a plan in place to keep your company safe. If a ransomware attack occurs, you can show that you have complied.
When a breach happens, you must act quickly. The first 24 hours are the most crucial. A ransomware playbook allows you to follow a breach response plan that will tell your team what to do in case of a security event.
Practice makes perfect. Have your team review and practice the steps annually to ensure you can effectively follow through and execute your response plan.
Insurance only works if you have done everything you can on your end. To get support from your insurance company, you must show that you acted in compliance with their policy.
Check your insurance policy on how quickly you must notify them in case of a breach—and never miss that deadline. In the event of an attack, you want to make sure you get the most out of your policy.
The earlier you can contact your insurer for help, the more they can help resolve the emergency. Always contact your insurer immediately in case of an attack.
Representation can pay for itself. Hire professionals to negotiate your payouts to ensure you get the most value from your insurance policy.
Naturally, insurance companies want to pay as little as possible. Don’t give them a reason to. Make sure you cooperate and comply with their demands. Be responsive, answer questions, and always work with them.
Everything you say can be used against you in a court of law. Don’t use the term “breach” when you contact your insurance company. Say you have a security incident and that you are contacting them about your policy requirements.
Don’t guess what the issue might be in conversations with your insurer. Guesses might lead the insurer to think you’re non-compliant—possibly interfering with your case and payout.
Much like other insurance, getting paid in the event of a ransomware attack comes down to complying with the necessary precautions and requirements. It also requires you to meet deadlines and act quickly, as a delayed call may alter both the payout amount and the resolution.
With common sense and a solid playbook, you already have the proactive measures in place, even before an attack occurs; this will help ensure you get paid after a security incident. Remember, don’t guess, assume, or say anything that can jeopardize or change your case. Be sharp and cooperative.