Ransomware’s resurgence

IN Partnership with

After a lull following the early months of the war in Ukraine, ransomware is again emerging as the top cyber threat – but wholesale broker INSUREtrust is banking on pre-emptive AI tools to help clients navigate the risk

RANSOMWARE HAS returned to the cyber stage in terms of both frequency and severity – but AI might play a hand in better protecting against attacks in the future. Cyber threats never went away, but have changed how they manifest themselves. In 2022, the Russia-Ukraine conflict saw ransomware take a dip, but now “ransomware has returned in terms of both frequency and severity … the numbers have spiked back up this year,” says Hunter Maskill, managing director at INSUREtrust. In fact, global weekly cyberattacks rose by seven percent in the first quarter of 2023 compared to the same quarter in 2022, according to Info Security magazine. And the interconnectedness of how data is shared and stored is proving to be part of the problem. “We’ve seen large holders of data who have been compromised create a waterfall effect into hundreds, and even, in certain cases, thousands of secondary victims – clients who weren’t necessarily breached on their end, but somebody holding their data was, and therefore the client is responsible for that data under privacy laws,” says Maskill.

INSUREtrust, headquartered in the Atlanta metro area, is the insurance industry’s leading specialty insurance brokerage for emerging risks. In April 1997, INSUREtrust manuscripted a unique policy form designed explicitly to cover exposures associated with the internet’s emerging digital risks. This would later become known as the cyber insurance industry. INSUREtrust is a subsidiary of Starwind Specialty, one of the largest program-management operations in North America. INSUREtrust continues to be an independent resource for the risk management needs of both technology and non-technology companies.

Find out more

“There’s a host of next-generation tools available that can help our clients keep pace with the threat actors”

Hunter Maskill, INSUREtrust

The cyber market continues to evolve, with the vast majority of clients now having what is considered to be an acceptable baseline of controls, says Christiaan Durdaller, president and CEO of INSUREtrust. This is particularly the case for middle-market and enterprise business. “The next step in the staircase is figuring out the most effective way to get our 30,000+ clients from a baseline of controls to best-in-class, prior to insurance companies directing them to do so,” Durdaller says.

One emerging part in the battle against threat actors is new AI security tools that a client can use, by which “AI is woven into the safekeeping of an insured’s network,” says Maskill. “There’s a host of next-generation tools available that can help our clients keep pace with the threat actors.” As an example, INSUREtrust uses specific artificial intelligence tools to quantify the number of records their clients have on their network, which is one of the more difficult parts of the risk-management process. Plus, AI can identify which files

“Another issue we see clients struggle with is development of clear and usable loss data,” says Maskill. With the return of ransomware to the forefront of the cyber-threat landscape, INSUREtrust has seen substantial business interruption claims develop. But producing lost income data to support that claim to insurance companies has been a challenge. As a result, he recommends bringing in forensic accountants at the beginning of the claim process. “A properly constructed cyber policy is actually going to pay for the forensic accountant to join that conversation,” says Maskill. “It’s not going to be an out-of-pocket cost for the insured, and will make the claim process to recoup lost income significantly less painful.” The worst thing Maskill sees, however, is clients deciding they are going to manage the claim themselves. “As a specialty cyber broker, INSUREtrust has been through thousands of claims and has the expertise and resources to get a favourable outcome,” says Maskill. INSUREtrust can provide that vital support at all stages of the claim process.

AI is creating a new, better cyber insurance reality

Published 09 Oct 2023

“You don’t want to wait until the attack happens – rather, you want to reduce and mitigate your overall exposure prior to a bad actor gaining access,” says Maskill. One way in which INSUREtrust is keeping on top of digital risk is through their proprietary technology platform, Cyber Pre-Check, which is driven by AI to empower clients to move through the application process in an efficient and real-time manner.

Specialty

Best in Insurance

Resources

Risk Management

News

RSS

Sitemap

About us

Conditions of Use

Terms & conditions

People

Specialty

Best in Insurance

Resources

Risk Management

News

RSS

Sitemap

About us

Conditions of Use

Terms & conditions

People

Specialty

Best in Insurance

Resources

Risk Management

News

RSS

Sitemap

About us

Conditions of Use

Terms & conditions

People

“[What is the] the most effective way to get our 30,000+ clients from a baseline of controls to best-in-class?”

Christiaan Durdaller, INSUREtrust

have not been touched in, say, five years, and therefore can be pulled offline.

Cyber Pre-Check uses a combination of tools that includes, but is not limited to, risk modeling and limit adequacy tests, autonomous application review, and external vulnerability scans of the client’s environment – all before going to market. This means valuable data is gathered, analyzed, and presented to support creating a best-in-class submission. According to Durdaller, it gives INSUREtrust’s network of brokers and partners a competitive advantage in the marketplace, and a new level of confidence. Additionally, Cyber Pre-Check’s digital asset inventory feature allows clients the option to share their critical and non-critical technology assets, which can lead to preferential

Of course, Cyber Pre-Check is not the only measure that clients should take to analyze and mitigate their risk. Companies can use a variety of preparation exercises and drills to get ready for a possible attack – tabletop and mock-drill exercises, creating incident response plans, finding reliable vendors, etc. “These are all crucial things to work through prior to an actual claim happening,” says Maskill. But there must be a commitment from the C-suite in creating an actionable plan.

Clients need to be full partners in cyber incident strategy

treatment from cyber insurance carriers. The completed repository of information preserves the client’s application, streamlining the renewal process and eliminating the need for a completely new ransomware application every year. In summary, it is described as a groundbreaking product – one that allows clients to stay constantly aware of their digital and cyber risk in real-time, both mitigating the risk of a substantial claim and driving a process to create the best possible market submission.

Global weekly cyberattacks rose by 7% in the first quarter of 2023, compared to the first quarter of 2022

Each firm faces an average of 1,248 attacks per week

Figures from Check Point’s latest research report indicate that the education and research sectors experienced the highest number of attacks, with an average 2,507 per organization per week – a 15% increase compared to the first quarter of 2022

One in 31 organizations worldwide has experienced a ransomware attack over the first quarter of 2023

Rising cyber attack incidents

560,000 new pieces of malware are detected every day

There are now more than 1 billion malware programs circulating online

Source: Forbes magazine, dataprot.net, Check Point

Insurance costs fall in 2023

Cyber insurance costs are down by 9% in 2023 compared to 2022

However, ransomware activity has increased 47% in the first quarter of 2023, compared to the same quarter in 2022, according to IT Pro

At one point in 2021, ransomware incidents were up by 390% compared to the first quarter of 2019

Source: IT Pro, Howden Group