Obtain cybersecurity insurance
The cost of cybersecurity incidents continues to increase. Ransom demands are up, and the average payout by midsized organizations exceeds $170,000. Total costs of ransomware attacks are estimated to exceed $20 billion this year.
Even if it’s absolutely their only choice to stay in business, many organizations don’t have the immediate liquidity to make ransom payments — not to mention pay for credit monitoring for your customers, hire specialists to clean up your network and replace computer hardware.
What’s more, cybercriminals often demand payment in cryptocurrency (and increasingly not Bitcoin). Most organizations aren’t able to set up crypto wallets to obtain sufficient cryptocurrency in time to pay the demands.
Cybersecurity insurance is designed to help offset the costs above, including lost revenue from the attack, and can even facilitate the cryptocurrency ransomware payment if it’s the last resort and you decide to go that route.
- Work with an insurance broker: Work with a broker experienced in cybersecurity policies to help you get the right amount and type of coverage. The devil can be in the details with these policies, and you need to understand exclusions and any specific considerations to pay a claim.
- Ensure your cybersecurity safeguards are up to snuff: Insurance carriers have been taking it on the chin with increased ransom payouts and are getting smarter about underwriting policies. You may be required to have multi-factor authentication and endpoint detection tools in place.
Document your cybersecurity program: Documenting your program allows you to articulate the preventive safeguards and detective controls you have in place. This could streamline the underwriting process.