Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Secure your productivity on any device, anywhere, any time.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Discover how Six Degrees has driven success for others.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Blogs » Ransomware Trends 2022: How insurance industry decisions impact best practice
After all, insurance payouts are only relevant after malicious actors have breached your network, and prevention remains a better outcome than remediation.
Of course, preventing an attack altogether and protecting against costly reputational damage is easier said than done. It requires maintaining data security and a robust, comprehensive strategy that incorporates cutting-edge tech tools with human expertise. Here, we’ll further explore the implications of the ABI’s decision and explain what you can do to keep your business safe in this rapidly evolving risk landscape.
Suggested reading: If you need help explaining cyber security to leadership, check out our free toolkit — Board Presentation Template: Cyber Security and Threat Management.
In light of a rapid spike in cybercrime — nearly half of British companies experienced a cyber-attack in 2020 — the ABI has asserted its view that insurance plays a key role in minimising the risk of cyber-attacks and supporting post-attack business recovery efforts. The ABI also argues that its decision will play a vital role in supporting the UK government’s goal of increasing cyber resilience in the private sector.
However, many cyber security experts are understandably concerned about the broader implications this move will have on the risk landscape. Former Chief Executive of the National Cyber Security Center, Ciaran Martin, has stated that ransomware was already ‘close to getting out of control’ and believes that insurers providing payment support would only exacerbate the issue. Likewise, Prof Martin of Oxford University’s Blavatnik School of Government expressed worry that insurers were essentially ‘funding organised crime’ through accepting ransomware claims. However, he did concede that the issue of ransomware is inherently too broad and complex for the insurance industry to address on its own.
Despite these concerns, the ABI defended its decision, noting that insurance isn’t intended to serve as an alternative to a larger risk management strategy. Instead, its sole intention is to protect firms that could face financial ruin without proper insurance coverage. An ABI spokesperson also reiterated the fact that insurers will require companies to take ‘reasonable precautions’ against cyber-attacks, similar to those homeowners and car-owners must take to deter thieves.
Unfortunately, the current ransomware landscape does look bleak. Over just the past year, the estimated cost of ransomware attacks has nearly doubled, from $11.5 billion in 2019 to $20 billion in 2020. For companies, the average cost of a malware attack comes in at $2.6 million, while the average data breach ends up costing a whopping $3.9 million.
There’s no question that social distancing measures and the accompanying shift to distributed workforces have played a significant role in the uptick and increased cost of cyber-attacks. For instance, the necessity of remote work has led to a rising number of remote desktop protocols (RDPs) exposed on the internet. And today, 95% of companies do some work in the cloud. As we all know, cloud presence — whether for internal functions or via solutions such as Microsoft 365 — has the potential to increase attack surface if not configured and managed correctly, creating vulnerability.
Here’s just a brief overview of how the landscape has evolved over the past year—and remember, as remote work carries on, all of these 2020 ransomware trends are likely to continue in 2021 and beyond:
Tomorrow’s risk landscape looks even more treacherous than today’s. And as experts have noted, insurers’ inclusions of ransomware attacks could indeed lead to larger (and in many cases, virtually guaranteed) payment demands from hackers. In turn, this could legitimise, embolden and incentivise these malicious attackers to continue striking.
So how should organisations respond to this new development? It’s critical to start by considering the merits of taking out an insurance policy that covers ransomware. After all, protecting your financial assets in the event of an attack must remain a priority — and that’s why this insurance exists.
However, it’s also critical to protect yourself in more direct ways. Attacks cost much more than just the ransomware demand — they can also cost your company:
Being proactive means creating a robust and flexible cyber security system that limits its exposure to ransomware in the first place — but also one that can respond to an attack when it occurs.
Ensuring that your company is adequately armed to operate in this risk landscape begins with investing in the right technology. For businesses working remotely, endpoint security strategy is key. Endpoint security focuses on protecting the overall network by securing user devices, known as endpoints, where 70% of all breaches originate.
That said, even the best technology can’t stand on its own. While smart tech tools can alert you to a problem and quarantine an issue, you really need real-time human expertise to eliminate and remediate the threat.
As the number of threats increases and the severity of attacks escalates, human expertise is increasingly in demand and difficult to come by. While it’s certainly possible to build a threat response team in-house, it’s not always practical, especially given the growing skills shortage of cyber security experts. For many businesses, the costly and time-consuming efforts around recruiting, hiring and retaining in-house talent pose a significant barrier to entry.
Fortunately, bypassing this issue is easier than ever if you partner with cyber security experts who can deliver high-level cyber security outcomes as-a-service. Managed detection and response (MDR) services, like those we offer at Six Degrees, play a vital role in most modern operations. Working with an MDR partner enables you to benefit from:
For businesses of all sizes, combining the tech benefits of endpoint security with the human expertise offered by an MDR service is often the most efficient and effective way to minimise exposure and respond quickly to threats like ransomware.
Remember: the ABI’s decision — while intended to help businesses — is likely to incentivise attackers. Although insurance might help you recover your ransomware demand payment, it won’t help you prevent an attack from happening in the first place, nor will it protect against other costly forms of damage.
Ready to arm your business for battle in the ever-evolving ransomware landscape? Check out our guide, Planning For the Future of Cyber Security Today and learn about how MDR can help you do more with less and future proof your cyber security for 2021 and beyond.
Network connectivity has never been more resilient, and…
Each year we conduct a Customer Relationship Quality…
As the UK continues to phase out 3G…
Whether they admit to it or not, most…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.