In both the insurance and investigative industries, we see many attempts at hacking or cyber liability toward companies, sometimes even government agencies. What we’re witnessing more and more is that hackers or ransomware attackers set the ransom or loss amount based on their perception of the victim’s cyber insurance. It’s like the old adage of a robber asking how much you have before deciding how much to take; they want it all. The hackers and ransomware attackers try to assess the victim’s cyber insurance coverage, and if they have access to your emails and system, they can gauge it. They then demand an amount that either matches or slightly falls below your insurance policy.
While it may not seem so on the surface, this situation has both positive and negative aspects. First, it puts your insurance company in control, which allows them to decide how to proceed. Depending on the amount of the ransom, it may be more cost-effective for them to fix your system rather than pay the amount demanded. However, at least it doesn’t exceed what you would pay out of pocket. For example, if you have a one-million-dollar cyber policy and they demand five million, they probably won’t get it. But if they ask for one million, they know your policy will kick in since you don’t have to cover it personally. These factors contribute to the evolving landscape of cyber liability, cyber insurance, and cyber protection in the realm of business security.
Whether you approach it from an insurance perspective to safeguard against losses or focus on prevention to avoid losses altogether, being aware of these changing dynamics in cyber insurance and cyber liability is crucial for small and medium-sized business owners. It ensures that you’re not caught unprepared and that your business doesn’t face disruption or financial ruin.