EP. 4: What Cyber Insurers Should Know About the Federal Ransomware Advisories

12/16/20 • 35 min

Insuring Cyber Podcast - Insurance Journal

As the COVID-19 pandemic and the switch to remote work have highlighted cyber risks and drawn attention to the various methods cyber attackers are using, ransomware has continued to steal the spotlight.

Ransomware is a type of malicious software that is designed to block access to a computer system until a ransom is paid, and these attacks have increased in severity and frequency in the past year alone.

Just this October, the U.S. Treasury Department issued a warning that individuals or businesses, including cyber insurers, that help facilitate ransomware payments could be violating anti-money laundering and sanctions regulations.

The warnings came in a pair of advisories, one from the Financial Crimes Enforcement Network (FinCEN) and the other from the Office of Foreign Assets Control (OFAC). The advisories came as the FBI and Homeland Security officials also warned in October that Eastern European criminals are increasingly targeting U.S. hospitals with ransomware and urged healthcare facilities to beef up their preparations.

“[The advisories] are going to create potential exposures and potential costs that arguably were not there before,” said Josh Mooney, chief privacy officer at Philadelphia-headquartered law firm White and Williams LLP, in this episode of the Insuring Cyber Podcast. “Cyber carriers are now going to have to take a look at what are some additional liabilities out there? And are they going to run afoul with U.S. law if they honor the obligations they have under their policies to help pay for a ransom caused by a ransomware attack?”

In particular, he added that these advisories will almost certainly add a layer of cost and potential liability for carriers and forensic firms – a layer that only adds to the already increased proliferation and sophistication of these attacks.

“Ransomware attacks that we’re dealing with today are very different than the ransomware attacks that we addressed and saw even as recent as 12, 14 months ago,” he said. “Before, again, as recent as a year, year and a half ago, the typical ransomware demand would be maybe in the five or six figures. Now, many of them start in seven or even eight figures.”

Ransomware has become so common that it’s actually turned into somewhat of a business model, according to Michael Carr, head of underwriting at insurance provider Coalition. He explains in this Insuring Cyber Podcast episode that there are groups – sometimes referred to as Ransomware as a Service, or RaaS – that establish footholds on companies’ networks and periodically sell that access to other groups who will drop malicious software on those networks and seek a ransom.

“So it is a situation where there’s the potential that you can be a victim more than once if you don’t properly recover from the first attack,” Carr said.

With this in mind, Carr urged victims of ransomware attacks to act quickly and work with their cyber insurers to respond.
“This is a situation where the first thing I would say is for Ghostbusters fans, who are you going to call if the incident occurs?” he said. “So is your cyber insurer going to have somebody on the other end of the phone line who can actually quickly engage all of the right resources, legal forensics, etc., to respond to the attack? Because generally speaking, the longer it takes to respond, the more expensive these things can become.”

Check out this latest episode of the Insuring Cyber Podcast to see what else Michael and Josh had to say and be sure to tune in every other Wednesday for new episodes published along with the Insuring Cyber newsletter.

The post EP. 4: What Cyber Insurers Should Know About the Federal Ransomware Advisories appeared first on Insurance Journal TV.

Previous Episode

EP. 3: Beneath the Surface: Why Insurers Should Look Beyond “the Tip of the A.I. Iceberg”

Nearly 75% of respondents in a recent survey from the Coalition Against Insurance Fraud and Shift Technology said they believe that among relevant technology, artificial intelligence (A.I.) will have the greatest impact on claims and fraud detection over the next five years.
However, Coalition Against Insurance Fraud Executive Director Matthew Smith says this is likely just the beginning in terms of A.I.’s impact on the insurance industry.
“We are literally at the tip of the A.I. iceberg in 2020,” he says. “Insurers are just starting to use it.”

In this episode of the Insuring Cyber Podcast, Smith discusses how insurers are using A.I. technology to detect and prevent fraud.
In fact, nearly all of the surveyed insurers in the Coalition and Shift Technology’s September research report said they’re using anti-fraud technology, and more than half of surveyed insurers said they’re specifically using A.I. technology as part of their anti-fraud strategy.

“If we get it right, it’s going to be the greatest thing we’ve ever had to fight insurance fraud,” he says.

Also in this episode, Itay Bengad, CEO and co-founder of MDgo, discusses how the use of A.I. is serving as a benefit for claims processing in insurance. MDgo is a provider of accident detection and response technology for the insurance industry.
“At the most basic level, the claims process can be automated to reduce the amount of manual labor,” he says. “At higher levels of A.I., it is possible to introduce new data sources to the claims process, making it faster or more predictable, efficient, personalized.”
Bengad sees A.I. as a benefit to the insurance claims process because the data can be leveraged to improve the level of service personalization, which can have a direct impact on a carrier’s expenses, customer retention and operations, he says.
“That’s I think the place where A.I. has the most potential effect within insurance carriers,” he says.
Smith and Bengad both also discuss in this episode why insurers may be hesitant to embrace A.I. due to data privacy concerns and how insurers can navigate these challenges in order to take advantage of this technology.

“The risk is great, but the advantages are even greater for us if we get it right...” Smith says. “The number one thing that we at the Coalition tell our insurance members about artificial intelligence is to embrace it. Do not be afraid of it.”

Be sure to check back twice a month for new episodes of the Insuring Cyber Podcast, published every other Wednesday together with the Insuring Cyber newsletter.

The post EP. 3: Beneath the Surface: Why Insurers Should Look Beyond “the Tip of the A.I. Iceberg” appeared first on Insurance Journal TV.

Next Episode

EP. 5: Expecting the Unexpected: Cyber Lessons from 2020

What is the biggest lesson that cyber insurers should carry into 2021 after a year in which the COVID-19 pandemic took center stage?

In the first Insuring Cyber podcast episode of the new year, Tim Zeilman, vice president and global cyber product owner at Hartford Steam Boiler (HSB), discusses how lessons learned from the coronavirus pandemic and from recent significant cyber attacks are more related than insurers may think.

“I think the lesson is pay attention and learn the lessons of the close calls,” he says. “So when you think about the COVID-19 pandemic that we’re in the midst of right now, it’s not the first one. We had inklings that things like this might happen.”

Indeed, over the last decade, disease outbreaks such as Ebola and H5N1, or the avian flu, hit the news, although these outbreaks never amounted to the same global scale as the COVID-19 pandemic, he explains.

“I think you can make an analogy to cyber attacks,” he says. “We haven’t seen the big one yet. We haven’t seen the massive cyber hurricane that everybody worries about and models, but we have seen some smaller events. In particular in 2017, we saw NotPetya and WannaCry.”

He says the message to be taken away from this pandemic as well as the cyber attacks seen in the past few years is don’t ignore the near misses.

“Don’t expect that the future is going to look like that – that we’re always going to have these small, somewhat contained events that might be big but are not the massive big one,” he says. “I think that the bottom line there is really to keep your focus in cyber insurance on accumulation, to plan for that big one that might look like a WannaCry or a NotPetya event but on a much larger scale and much greater impact, and plan for what that would mean to your cyber insurance business.”

Also in this episode, Lauren Winchester, vice president of Smart Breach Response at Corvus – a provider of artificial intelligence-driven commercial insurance products – takes a look back at some of the big trends in cyber insurance in 2020 and discusses what cyber insurers should be paying attention to in the new year.

“I think visibility into vulnerabilities is going to be really key – how cyber insurers manage to partner with other vendors or build in-house capabilities in order to get a better sense of their risk pool and the vulnerabilities among their policy holders,” Winchester says.

She adds that going forward into 2021, it will be important for cyber insurers and their clients to establish a greater partnership in order to better understand how they can work together.

“I think insurance buyers in working with their brokers should really be considering what else their cyber insurance company can be doing for them,” she says. “It’s really so much more than just risk transfer at this point, and they should and can ask more of their cyber insurer.”

Thanks for listening and be sure to check back for new episodes every other Wednesday published together with Insurance Journal’s Insuring Cyber newsletter.

The post EP. 5: Expecting the Unexpected: Cyber Lessons from 2020 appeared first on Insurance Journal TV.
