6 Factors Causing Cyber Insurance Rates to Increase

Ransomware, a form of malware targeting critical data or computer systems for extortion, is a growing threat for businesses of all sizes. Not only are instances of ransomware on the rise, but the average amount paid in a ransomware attack more than doubled in late 2019, to more than $84,000.¹

The costs associated with responding to a cyber incident are rising. From forensic and legal experts to deal with the incident to the rise in ransomware demands, including a $600,000 ransom paid recently by a city in Florida,² the costs to respond to a cyber intrusion are rising quickly.

According to “The 2020 State of IT ” ³ report, 1 in 4 businesses increased their IT spend in 2020 due to a recent security incident. Additionally, 44 % of businesses planned to increase their tech budget, up 6 % from the prior year.

Implementing basic cybersecurity best practices can prevent, or at least minimize, many of the most common risks.⁴ With many organizations enabling their employees to work remotely, the lack of adequate cybersecurity controls on home networks can lead to significant exposures when those workers return to the office. Organizations should implement controls, including endpoint detection and response, to reduce exposure risks to their networks when employees return.

Having a clearly defined and documented cyber incident response plan helps organizations respond quickly and effectively when a breach impacts their business. Unfortunately, only 23 % of businesses surveyed by the Ponemon Institute reported having an incident response plan that was applied consistently across their enterprise, leaving 77 % with inconsistent or no plans.⁵

The costs associated with a cyber intrusion are not only related to response. According to NetDiligence’s Cyber Claims Study,⁶ claims impacting small and midsized enterprises resulted in an average of $343,000 in business interruption expenses as the breached organizations worked to get their businesses back up and running.