Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Ransomware Increasingly Excluded from Cyberinsurance Policies

May 25, 2023

Security Magazine reported on May 24 that ransomware attacks were analyzed in a recent report by Veeam.

The report collected data from 1,200 impacted organizations and nearly 3,000 cyber-attacks.

For the second year in a row, 80% of the organizations surveyed paid the ransom to end an attack and recover data, despite 41% of organizations having a “Do-Not-Pay” policy on ransomware. While 59% paid the ransom and were able to recover data, 21% paid the ransom but didn’t get their data back from the cyber criminals. Also, 16% of organizations avoided paying a ransom because they were able to recover from backups.

After a ransomware attack, two choices are considered: Pay the ransom or restore-from-backup. As far as recovery goes, the research reveals that in 93% cyber-events, criminals attempt to attack the backup repositories, resulting in 75% losing at least some of their backup repositories during the attack, and 39% of backup repositories being completely lost.

By attacking the backup solution, attackers remove the option of recovery and force paying the ransom. The good news is that 82% use immutable clouds, 64% use immutable disks and 2% of organizations do not have immutability in at least one tier of their backup solution.

When respondents were asked how they ensure that data is ‘clean’ during restoration, 44% of respondents perform some form of isolated staging to re-scan data from backup repositories prior to reintroduction into the production environment. Fifty-six percent of organizations run the risk of re-infecting the production environment by not having a means to ensure clean data during recovery.

Twenty-one percent of organizations stated that ransomware is now specifically excluded from their policies, and those with cyber insurance saw changes in their last policy renewals: 74% saw increased premiums, 43% saw increased deductibles, 10% saw coverage benefits reduced.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225, Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Ransomware Increasingly Excluded from Cyberinsurance Policies

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer