BACKGROUND:
A research paper by defence think tank Royal United Services Institute (RUSI) examining cyber insurance and the cybersecurity challenge has found that cyber insurance isn’t just encouraging cyber criminals, it’s also not sustainable for the cyber insurance industry.
“To date, cyber insurance has failed to live up to expectations that it may act as a tool for improving organisations’ cyber security practices,” RUSI said. And it warned: “Cyber insurers may be unintentionally facilitating the behaviour of cybercriminals by contributing to the growth of targeted ransomware operations.”
<p>Companies are well known for keeping their ransom demands quiet in fear of sharply decreasing their share price but this just plays straight into the hands of cybercriminals. Those who purchase cyber insurance often view it as a get out of jail card but it is anything but free. When insurers reimburse criminal demands they are funding the business model of ransomware and continuing the cycle. Although insurance may be viewed as a last chance backup method in reactively protecting organisational data, it is possible to proactively protect it by having the correct security in place initially.</p> <p> </p> <p>Proactive security solutions should be prioritised over insurance. and may even result in insurance never being relied upon. Training staff is more valuable to a company and it also educates people in their home life to block inevitable attacks at the front door.</p>