Cyber Insurance Firms Start Tapping Out as Ransomware Continues to Rise
Monday, May 24, 2021
The decision, which reportedly came after French authorities questioned whether the practice had fueled the current epidemic in ransomware attacks, may be just the beginning of a general retreat that will force companies to reconsider their attempts to outsource cyber-risk to insurance firms. Already, the massive damages from one damaging crypto worm, NotPetya, caused multiple lawsuits when insurers refused to pay out on cyber-insurance claims.
AXA's decision could signal the insurance industry agreeing that ransomware payments spur greater ransomware activity, forcing companies to deal with the direct damages of cyberattacks, said Ilia N. Kolochenko, founder and chief architect at security firm ImmuniWeb SA, in an assessment of the impact of the insurer's decision.
"On one side, this decision will likely hinder flourishing ransomware business and indirectly incentivize would-be victims to implement better cybersecurity and enhance their cyber-resilience," he said. "On the other side, the categorical ban will unfairly discriminate against enterprises who adequately care about their cyber defense but nonetheless fall victims to sophisticated attacks or because of their careless suppliers." Read Full Article
The Tech Blog Writer: 1593: ImmuniWeb – Attack Surface Management with Dark Web Monitoring
Security Boulevard: Biden EO Has Teeth, But May Prove Difficult to Implement