Written By: Neelesh Kripalani, Chief Technology Officer, Clover Infotech
Through the years, governments, organizations and people have been threatened by cyberattacks and data breaches. However, the year 2020 has intensified the threat landscape. When the entire world took to the ‘work from home’ model, major security loopholes surfaced, and hackers have explored almost all of them. The attacks since then have grown to be more sophisticated causing severe monetary and reputation loss for organizations.
Taking stock of the growing numbers and scale of recent cyberattacks, a global survey ‘The State of Ransomware 2021’ conducted by cybersecurity firm Sophos, states that the total cost of recovery from a ransomware attack has more than doubled in a year, increasing from 761,106 dollars in 2020 to 1.85 million dollars in 2021 globally. In comparison, the survey found that in India, the approximate recovery cost from the impact of a ransomware attack tripled in the last year, up from 1.1 million dollars in 2020, to 3.38 million dollars in 2021. The World Economic Forum also highlights that cyberattacks top the list of human-caused risks globally, and research has predicted that cybercrime may cause damages worth 6 trillion dollars by the end of this year.
Facing the daunting prospects of major financial fallout from a cyberattack, CXOs around the world have turned to cyber insurance. Several companies have opted for cyber insurance to seek protection against huge financial losses. On the flipside, several hacking groups are now seeing this as a lucrative opportunity to launch cyberattacks against organizations that are backed by insurance companies. In fact, these groups brazenly display details about the company’s cyber insurance cover page and demand the ransom to be paid up since they are insured.
Hence, having a cyber insurance might cover an organization from monetary loss but it cannot protect it from leakage of confidential data and reputation loss across the industry. Organizations need an array of resources to protect themselves against cyberattacks. With the help of their cloud service providers and internal IT teams, organizations should develop strong threat detection and risk mitigation strategies along with establishing stringent cybersecurity practices.
Below mentioned are the reasons worth considering while opting for cyber insurance alone to prevent cyberattacks:
- Cyber insurance cannot cover the reputation loss, no matter how fat the insurance policy is:
Organizations not only suffer from huge financial losses while remediating these attacks but also damage their reputation which adversely impacts their image, stock value and the ability to retain and attract customers. A reputation loss to the brand causes a significant dip in the yearly financial status along with a massive blow to the brand’s goodwill among stakeholders and customers.
- ‘Bad security policies’ is one of the general exclusions in cyber insurance:
Like all other general insurance policies, cyber insurance plan also comes with an outline, detailing the features, benefits, coverages, and exclusions offered by the policy. Most cyber insurance company policies mention that lack of security measures can lead to the claim being denied if the insurer finds that the insured had not taken steps to safeguard their data. Having proper cybersecurity hygiene is of utmost importance as lack of such measures can lead to high claims rejection.
To complement cyber insurance policies, here are some of the best cybersecurity practices that organisations should implement to protect their data:
- Updated firewalls can block malicious activity before they reach other parts of the network.
- Enable round-the-clock event monitoring, event handling and security analysis of devices, networks, and applications to detect cyber threat. This can be done by means of comprehensive Security Operations Center (SOC).
- Augment cybersecurity capabilities with AI-enabled tools such as Identity and Access Management (IAM). This is critical as hackers with stolen credentials will attempt to access important data. However, this automation should be done carefully as any vulnerability in the implementation can also be used by hackers to launch a cyberattack.
- Encourage the use of available tools such as Encryption, Multi-factor authentication (like OTP, digital signatures etc.), VPN and scenario-based access policies among others.
- Promote biometric access to data through MFA (Multi-factor authentication) such as retina scan, thumbprint or facial recognition.
- Deploy security orchestration and automated response system. E.g. Company-issued devices that can be remotely wiped clean in the event of a breach.
- Set up comprehensive IDS (Intrusion Detection Systems) that monitor network traffic for suspicious activity and issues alerts when such activity is discovered.
Owing to remote working which is the new normal, cybersecurity capabilities will be stress-tested as we go forward. In such a scenario, cyber insurance should not be treated as a substitute for cybersecurity policies. The two must coexist in order to enjoy maximum protection from attacks.