Ransomware and Cyber Insurance in 2022

Cyber Security Trends Around Ransomware and Cyber Insurance in 2022

According to Check Point’s 2021 mid-year report, global cyberattacks increased by 29% in the first half of 2021. This statistic indicates a continuing rise in cyber attacks as cybercriminals take advantage of remote working arrangements and other changes brought about by the pandemic.

Cyber attacks are also getting more sophisticated and aggressive, resulting in costly payouts by affected businesses and cyber insurance providers.

Cyber insurance premiums and paperwork requirements to procure a cyber insurance rider for your policy increase exponentially with more sophisticated cyber-attacks. A couple of years back, it took only one sheet of paper with five check boxes. Today, the paperwork has become a plethora of questions and requirements before a limited insurance policy rider is granted.

My recommendation is that companies adopt a holistic cyber security approach. It should encompass increasing networks, websites, building security, and adding regular employee security training.

Cybercriminals continually advance their schemes and operations. That’s clear from the  93% rise in ransomware attacks over the last six months. A new attack technique called Triple Extortion is fueling the increase. Additionally, cybercriminals also target customers and business partners and demand ransoms from them.

Supply chain attacks are also becoming very popular. Instead of a frontal assault on the main network, attackers put their efforts into finding vulnerable endpoints among trusted vendors in the supply chain.

The main lesson here is that all businesses and government agencies are vulnerable to attacks. No entity should assume immunity to cyber attacks. Therefore, organizations need to take stringent cybersecurity measures. Here are five recommendations for organizations to avoid cyber-attacks in 2022 and beyond.

1.  Secure Your Hardware

Use the latest security patches and strong passwords on all devices in your network. You can also implement two-factor authentication and turn on BitLocker device encryption for mobile devices, allowing remote wipes for lost or compromised devices.

Organizations should also start looking at “zero-trust” security solutions for protection against ransomware.  Traditional security products like firewalls and antiviruses are no longer effective against today’s ransomware attacks. Multifactor authentication and application whitelisting have proved effective against unwanted access and ransomware attacks.

2.  Encrypt and Backup Data

For data encryption works well in the event of data breaches.  If a data breach occurs, the data would be inaccessible and useless to the attackers.

3.  Performing Regular Network Security Scans

Organizations should run regular network security scans to identify active devices and vulnerable endpoints. Supply chain networks should also regularly audit vendors and other players’ security compliance.

4.  Train your employees

According to research, 30% of cyber attacks come from access to the organization’s networks. Ongoing training is very important to maintain a heightened awareness of cyber threats. In addition to cyber security training services, organizations should test their employees’ preparedness.  For example, they could deploy fake phishing scams and establish appropriate responses whenever necessary.

5.  Invest in cyber insurance

Organizations should consider business continuity insurance to fall back to if the security measures taken fail. Cyber security insurance helps the recovery process by offering financial and remediation services for clients who fall prey to cyber-attacks.

Ransomware prevention is continuously evolving almost as fast as the threats they chase.  The latest ransomware prevention and protection trends are Zero Trust Policies, Dark Web Monitoring, and Employee Cybersecurity Training with Phishing Simulations.

Cyber insurance is a basic requirement for most businesses these days. The Cyber policy will provide the support needed after a successful breach.

As we enter 2022, confirm you’ve got a security partner who can help your address and protect your organization against potential threats. They should also respond in the event of an emergency. Contact us today to find out more about how we can assist you.

Special thanks to my friends at Pure IT in Calgary for their support and help in researching this information.