Providing the Right Information to Brokers and Underwriters, Including a Statement of Ransomware Resilience and Other Documentation, Mai Help Secure Better Terms

SAN JOSE, Calif.—Juli 20, 2021—The latest highly publicized ransomware attack, a cyber-extortion incident against Kaseya, has fueled interest in cyber insurance. In an attempt to reduce their cyber insurance costs, organizations are seeking to demonstrate they have systems in place that provide data resilience.

As a result, bat365 has recently experienced intensified demand from firms looking to better understand their options, according to Glen Shok, vice president of strategic alliances. The company provides secure global file-system solutions for managing, accessing and storing unstructured data in large organizations.

Bevor sie sich mit den Versicherern zusammensetzen, um ihre Sicherheitspraktiken und Deckungsoptionen zu überprüfen, rät Shok diesen Organisationen, eine umfassende Risikobewertung vorzunehmen. "Die Versicherer wollen, dass sowohl Präventions- als auch Wiederherstellungskontrollen vorhanden sind, einschließlich einer Analyse des Werts und der Art der versicherten Daten. Dies hat das Potenzial, das Risiko sowohl für das Unternehmen als auch für den Versicherer zu verringern und zu niedrigeren Prämien zu führen", so Shok.

He suggests they talk to their technology partners and software vendors to obtain a Statement of Ransomware Resilience (SoRR) which may be considered by insurers when negotiating direct written premium and standalone policies. bat365 offers these statements to customers and works with them when they request additional documentation for insurance purposes.

Cyber insurance prices are driven by the need for risk management and the growing incidence of network intrusions, data theft and ransomware exploits. Fitch Ratings reports that direct cyber insurance premiums increased by over 22 percent in 2020 to approximately $2.7 billion with momentum continuing into this year.

Shok sagte, dass die Versicherer auf verschiedene Weise auf die Ransomware-Krise reagiert haben, einschließlich der Begrenzung von Schadenzahlungen und der Bindung von Zahlungen an die Handlungen der Versicherungsnehmer.

"Versicherungspolicen können die Anforderung enthalten, Netzwerke und Daten proaktiv vor Infektionen zu schützen, indem Lösungen für Prävention, Schutz und Wiederherstellung eingesetzt werden. Wir möchten, dass unsere Kunden die Vorteile verstehen, die sich ergeben, wenn sie den Versicherern die richtigen Informationen zur Verfügung stellen, um bessere Konditionen zu erhalten oder Tariferhöhungen zu modulieren", so Shok.

bat365’s CloudFS is a global file system that is inherently resilient to ransomware and other malware threats through data immutability. Organizations that use CloudFS to manage, store and access their unstructured data are less likely to need to pay a ransom to regain access to data held in the bat365 file system, even if subjected to an attack. Data stored by CloudFS cannot be encrypted because the system maintains an unalterable, clean data set.

Hinweise für die Redaktion:

• Hard market pricing is being used by insurers to offset claims, along with tightened terms and conditions, and more stringent risk selection. Brokers are trying to get more and better information from their clients to underwriters, in order to secure better terms. See “Cyber insurance and the ransomware revolution” (Insider Engage, 24 Juni 2021).
• Some insurers are making payments contingent upon policyholders’ actions. They assess whether data has been backed up sufficiently to resume operations within a reasonable period of time, without the payment of a ransom. See “How are cyber insurance companies assessing ransomware risk?” (Dark Reading, 26 Mai 2021).
• More than 80 percent of all data at large organizations is unstructured. It is more difficult to store, analyze and access than other types of data. This includes sensitive and highly regulated healthcare and financial data, and petabyte-size enterprise files. See “Structured vs. unstructured data” (Datamation, 21 Mai 2021).