After the Colonial Pipeline hack, energy companies are showing a renewed interest in cyber insurance, according to Reuters. This sharply reverses their interest in this type of coverage. Before the pipeline attack, the energy industry had some of the lowest interest in the insurance.
These companies will pay a price for that insurance as the report said thanks to renewed interest in cyber insurance, premiums will increase by 25 to 40 percent.
On the plus side, cyber insurance can cover the cost of a ransomware payment and insurers can even help in negotiations. On the other hand, doesn’t paying ransoms only make the problem worse?
After all, there’s no guarantee other cyber criminals won’t target firms they know that have paid. According to insurer Hiscox Ltd., “28 percent of the businesses that suffered attacks were targeted on more than five occasions in 2020.”
If you have SMB or mid-size enterprise clients, there’s an important point you should make to them regarding cyber insurance: it’s no substitute for good data protection and reliable backups.
The cyber insurance may cover the ransomware cost, but there are other costs involved if a client’s data is encrypted, stolen or compromised. First, is the cost of handing the data emergency measured in lost productivity as staff are pulled off day-to-day work to address the emergency.
But consider too that a cyber insurance claim is much like any other insurance claim. The insurer will no doubt need evidence of the breach, records, etc. to verify a claim meets the conditions of a policy. That costs time and resources, as well.
There is no doubt cyber insurance is good to have. It’s also getting more expensive, and it’s probably hard to calculate the true cost of a data breach. Threats also change, as we’ve seen over the last year.
These days, there are so many good options to protect and store backup data. Some clients may be well-suited to disaster recovery-as-a-service, which often relies on making sure the client can get quick access to their cloud-based backups. Appliance-based cloud storage solutions give even more flexibility to remote and branch offices. For larger enterprises, solutions that feature technology, such as immutable data storage (which cannot be altered), and complete SLA-based data protection are tested and trusted by many.
In this case, an ounce of data protection may be worth a pound of insurance.