Ransomware has been a hot topic in the past few years, and for good reason—it can cost companies millions of dollars to recover from an attack. No business is immune, and all it takes is an unsuspecting employee clicking on a legitimate-looking link to infect the company network.
Ransomware may seem like an unavoidable threat, but with ransomware insurance you can ensure your business will survive an attack without significant financial loss. In this blog, you’ll learn:
- How ransomware works
- The impact of ransomware on your business
- How ransomware insurance lessens the impact
- Whether cyber insurance covers ransomware
- How to get ransomware insurance coverage
Ransomware is a type of malware that infects your computer system. Employees often download it unintentionally after clicking on email attachments or links from cybercriminals.
After your network becomes infected by ransomware, a cybercriminal typically encrypts your files and requests a ransom payment in exchange for the decryption key. If you don’t pay the ransom, the attacker may threaten to leak your files in a data breach. And even if you pay, there’s no guarantee you’ll get every piece of data back.
The impact of a ransomware attack goes beyond the amount of a ransom payment. Businesses that suffer a ransomware infection also have to contend with:
Companies lose access to some or all of their files during a ransomware attack, and that loss can be permanent or temporary. It takes time to recover your files even if you pay the ransom and receive a decryption key. If the attacker leaks your files because you can’t make the payment, you may never get them back—and other cybercriminals can use them to gain critical information about your business and clients.
The average length of downtime after a ransomware attack in late 2021 was 20 days. During this time, businesses may lose access to critical systems, making it difficult or impossible to continue operations. Profit loss after a ransomware attack can exceed the actual ransom amount, making the total cost skyrocket. In 2021, the average total cost of recovery was $1.85 million, whereas the average ransom payment was only $170,404.
A 2021 study found that 80% of companies that experienced a ransomware attack were exposed to a repeat attack, often from the same threat actor. Small businesses may not have the resources to address the underlying vulnerabilities that led to an attack in the first place, making it easy for cybercriminals to launch a second (or third) ransomware attack and collect even more ransom money.
If word gets out that your business suffered a ransomware attack, it can harm your relationship with clients, especially if you lose their data or miss a deadline due to downtime. Affected clients might sue for damages, and you may have to hire a public relations firm to get your reputation back on track.
While purchasing a ransomware insurance policy won’t protect you from cyber extortion, it’s a critical risk management tool that helps your company recover following an attack. Depending on the ransomware coverage you purchase, your policy might pay for:
- Ransom payments
- Data restoration fees
- Third-party experts to negotiate with the attacker
- Computer forensics
- Lost profits due to business interruption
- Public relations services to address reputational harm
Essentially, ransomware insurance makes it easier for companies to do everything they need to recover from an attack—because they don’t have to drain their company account to do so. This financial support can be critical in keeping a business afloat, considering many ultimately shut down due to financial loss following an attack.
You may assume you’re covered for ransomware if you already have cyber insurance coverage. And there’s a good chance you’re right—to an extent. Many cyber liability insurance policies provide a certain amount of cyber extortion coverage, which includes ransomware attacks.
However, cyber extortion limits often only cover a portion of ransomware costs, leaving companies on the hook for the rest. In some cases, companies realize too late that their policies don’t include ransomware insurance at all—after their insurance company denies coverage completely.
In the past few years, the cyber insurance market has shifted significantly, in large part due to increasing ransomware attacks. A cyber policy that covered ransomware several years ago may exclude coverage altogether today and cost substantially more. Companies with an existing policy should reassess their coverage to ensure it adequately covers their risks and consider purchasing additional limits. If you don’t have cyber insurance, now is the perfect time to invest—data shows that premiums are beginning to level out.
Getting ransomware insurance isn’t always as simple as applying for a policy. Many insurers will deny coverage if you don’t meet their security requirements, which may include multi-factor authentication, regular software updates, and remote login controls. An experienced insurance broker can help you determine if you meet cyber liability insurance requirements and provide recommendations if you don’t.
At Southpoint, we specialize in finding the most comprehensive business insurance policies for companies big and small. If you’ve been hit with cyber coverage exclusions or premium hikes recently, our team can help you find a more affordable policy. We gather quote options from our insurance company partners and help you decide which policy works best for your business. And if your current policy doesn’t have enough ransomware coverage to cover costs in the event of a loss, we can help you find supplemental coverage from top-rated carriers.
Get in touch today to request a ransomware insurance quote or speak with a Southpoint expert about your cyber coverage options.