While working from home has its perks, such as reduced drive times into the office, there are also risks that have been exacerbated as a result of this ‘new normal’. In fact, the rise in remote working due to the coronavirus pandemic will increase the risk of cyberattacks, according to analytics firm GlobalData, and some have already seen this increased risk become a reality.
“Employees working remotely and not physically located in an office setting present additional hurdles for organizations to ensure best practices and solid IT organizational security,” said Ari Giller, Director of Underwriting for Tokio Marine HCC – Cyber and Professional Lines Group. “We’ve seen hackers exploit employees by obtaining their log-in credentials through phishing attacks. As a result, we’re experiencing an increased frequency in business email compromise claims, which leads to data breaches, cybercrime losses, and ransomware attacks.”
GlobalData also noted that this heightened cyber risk provides insurers with the chance to bolster their cyber insurance penetration rate, building further on the robust demand for cyber insurance already present in the marketplace, which tends to increase after major breaches, like those that affected Target and Home Depot. Nonetheless, Giller noted, “We haven’t noticed an uptick in submission counts that are specifically attributable to COVID-19.” However, as companies continue to become aware of the weaknesses in their cybersecurity defenses, it’s likely that demand for cyber insurance will increase. “As losses increase, we expect an increase in demand for cyber insurance to follow,” he said.
Cyber insurance is an even more compelling purchase when you consider that the size of ransomware demands has spiked over the past few years. Three years ago, a typical ransomware claim may have cost around $50,000, whereas Tokio Marine HCC is now seeing six-figure and seven-figure demands as hackers become emboldened by how successful they’ve been and are able to monitor emails, learn about a company, and exploit this information for profit.
Although no-one knows what the full effects of the pandemic will be, agents and brokers can take the time to highlight the inherent risk that remote work poses, as well as the losses attributable to compromised credentials, to help sell their clients on the benefits of a well-rounded cyber insurance policy. In particular, agents and brokers can focus on small and medium-sized organizations that tend to be more susceptible to cyberattacks because they often don’t invest their resources into IT security – an investment that might be even tougher now considering the financial challenges posed by COVID-19.
“Companies don’t always have the necessary IT resources to implement best practices, which means they are susceptible to an attack if they’re not clearly addressing their exposures,” said Giller.
Companies looking to purchase cyber insurance should look to an experienced insurer that has additional services and offerings in place to help mitigate cyber risks before an incident occurs and assist with the fallout when a cyberattack impacts a company.
By: Alicja Grzadkowska