This Week in Ransomware – Friday, April 29, 2022
Companies are looking to cybersecurity insurance to mitigate ransomware losses, but cyber insurance may not be a panacea. Insurers may refuse a claim if companies don’t take steps to ensure that that they have adequate defences in place.
Cyber Insurance often falls short – Telus Report
Forty per cent of Canadian companies indicated that they have cybersecurity insurance that covers a ransomware attack, according a recent Telus study. The study further reports that organizations that have experienced attacks in the past 12 months are more likely to have cyber insurance.
Yet the study also found that cyber insurance does not always pay out. It notes that eight per cent of companies did not receive any payout at all, and that nine per cent were still waiting for their payment. Further, although 79 per cent of companies that filed a claim received a payout, coverage for 28 per cent of these companies was dropped.
Sourced from the study which can be downloaded from www.telus.com/RansomwareStudy. (Registration required)
Fewer insurers offering cyber coverage and coverage is harder to get
Cybersecurity coverage may also be harder to get for many companies, according to a report featured in IT World Canada this week. Most, if not all companies who provide cybersecurity insurance are experiencing losses. Canadian Underwriter reported that in the first eight months of 2021, companies took in $96 million in premiums, but received claims for $106 million. Inevitably, losses like this would result in higher premiums, more scrutiny on claims and in some cases, refusals to insure companies that were perceived to be at high risk.
Almost half of the respondents in a study cited in the IT World Canada article said cyber insurance policies are now more complex than they were in the past, 37 per cent noted that it was taking longer to get coverage, and for those who can get it, it’s more expensive.
The positive news was that the increased scrutiny by insurers may be forcing companies to take cyber security more seriously. Ninety-seven per cent of respondents said that they made improvements to their cyber defences to improve their cyber insurance position.
The bad news is that it remains harder to find insurers offering cyber coverage. Forty per cent of respondents said fewer companies are offering cyber insurance.
Sourced from an article in ITWorldCanada
Are companies making it too easy for ransomware attackers?
Despite the increase in ransomware attacks and the known costs, a report this week noted that vulnerabilities dating back as far as 2018 are still being exploited by threat actors. The report is from cyber intelligence agencies in Canada and its Five Eyes allies.
The report lists the top 15 vulnerabilities used to gain access to IT systems in organizations that had not patched their software.
Of those 15, one dates back to 2018 (CVE-2018-13379), a path traversal vulnerability that affects security appliances running Fortinet’s FortiOS and FortiProxy; one dates back to 2019 (CVE-2019-11510), a vulnerability that allows arbitrary file reading in Pulse Secure’s Pulse Connect Secure VPN; and two date back to 2020 (one is the Zero Logon vulnerability for Windows, while the other is for Microsoft Exchange).
Many of the remaining vulnerabilities that the report identifies have been known for months. Further, the report states, “their continued exploitation indicates that many organizations fail to patch software in a timely manner and remain vulnerable to malicious cyber actors.”
Patching software is only one of the basic steps to make it tougher for ransomware attackers to gain access. The Telus study quoted earlier has a complete list of ransomware defences that should be in place. Failure to execute on these basic steps may make it difficult to obtain cyber security insurance and could invalidate existing coverage. Companies should read their policies carefully to ensure that they are taking all of the steps necessary to ensure their coverage remains in force.
Sourced from article in IT World Canada
Absorbable Modified Polymers Technology Advanced Technology Grants Pass Aidan'S Professional Technology Services Albuquerque Nm Information Technology Recruiters Bhd Technology Vr Catholic "Information Technology Ceo Comcast Technology Computer Technology Electronic Current Applications Of Rdna Technology Disadvantages Technology Law Ferrum Technology Services Fundamentals Of Medical Laboratory Technology Gmu Department Of Information Technology Hornborg Alf Technology Effects I'M Done Working In Technology James V. Arms Technology Jurassic Park Technology Analysis Liquidmetal Technology News Llc Mathey Technology And Engineering Medical Technology In 500 Bc Musc Library Technology Downloads New Jersey Technology Office Space Pc Ralley Technology Ridge Technology Services Technology 3x Reverse Etf Technology Abuse Use Technology Adoption Three Types Technology Advantage Info Technology And Improving Menial Jobs Technology Classroom Building 311 Technology Companys In Usa Technology Distracting Studying Students Technology Docking Stations Technology Enablement White Paper Technology Images For Ppt Technology Impact On Finance Departments Technology In Chennai Technology In Greek Translation Technology Into History Lesson Technology Is Electricity Ted Talks Technology Professionals Of British Columbia Technology Relatesecuirty Topics Technology Studies Emu Technology To Prevent Medication Errors Technology Want What Ails Look Tesla Technology Roadmap Veterinary Assisting Vs Veterinary Technology Wentworth Institute Of Technology Animation What Is Today'S Technology With The Arise Of Technology
- SwitchBot Curtain Rod 2 review: This smart curtain controller gets a streamlined design
- Dodge Co. cold case solved using new DNA technology sparks privacy concerns
- Two key secondary players are back in Lubbock
- Machine Learning Trends Impacting Businesses In 2022
- Every free game on Netflix (May 2022)