Your Cyber Insurance Policy Just Became Outdated

Security concept Lock on digital screen, illustration-5Just when we think we have a handle on our cyber insurance, the ransomware attackers have come and stirred things up again. I’m talking about the new trend in ransomware that you may not have considered yet. It’s the data exfiltration piece.

It used to be that our cyber insurance was sized to cover the costs of a breach or ransomware attack. We figured out the cost of notifications, credit monitoring, legal fees, standing up a call center to provide information to customers and even the PR costs associated with a data breach. We have also figured out the formula for dealing with a ransomware attack, things like digital forensics, equipment replacement, offsite disaster recovery operations and even the cost of downtime was figured in to the coverage provided by our cyber insurance policies.

The problem is, the newest threats we are facing covers both areas in a single event and not many organizations have the coverage to handle both.

The Maze variant of ransomware really put the data exfiltration piece on the map, but other strains are following suit, including revisions to the big players, such as REvil and Ryuk. Recently, Ryuk has been found to employ a tool to exfiltrate some pretty specific data, including keywords that related to government and military operations.  

If that isn’t bad enough, the attackers are even going after the customers of the organizations hit by the ransomware as shown in the attack against a plastic surgery clinic in Florida.  

What this all means is that having good backups will no longer save you from a ransomware attack, and your current cyber insurance may leave you more exposed than you think. For this reason, talk to your insurance provider and be proactive in avoiding the infection by training your users with New-School Security Awareness Training from KnowBe4.

Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Request a Demo!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews