Proactive identification of ransomware vulnerabilities to help strengthen your critical controls and uncover potential threats in your network.
Market Overview
Insurers are experiencing mounting losses, largely driven by the proliferation of ransomware attacks, which have increased 486% from Q1 2018 to Q4 2020.1 Damages to businesses and organizations and costs associated with ransomware are expected to reach USD 20 billion in 2021.2
Aon’s Cyber Solutions saw an increase in claim frequency of almost 100% in 2020, the majority being ransomware event-related, resulting in an average pricing increase of 5-10% year-over-year. Many cyber insurers have said that rate adjustments were not enough to compensate for the increased frequency and loss severity.3
In response, insurers have introduced new ransomware-specific applications, including Aon’s Supplemental Ransomware Application, which is being used by multiple carriers. These efforts are focused on enhancing insured risk controls, and risk selection for insurers.
Ransomware poses a business interruption and balance sheet risk, but only 31% of organizations report having adequate business resilience measures in place.4
The Need
It is critical that you demonstrate concrete risk mitigation actions, or you might be subject to sky-high cyber premiums or reduced coverage. We recommend that you take steps to reduce your organization’s exposure footprint by concentrating on controls and minimize the probability of an incident.
How We Help
Aon’s Cyber Quotient Evaluation (CyQu), a comprehensive risk self-assessment tool that evaluates cyber risk maturity across nine critical domains, and Aon’s Ransomware Supplemental Application can help you proactively identify ransomware vulnerabilities prior to an insurance placement. Our highly regarded Stroz Friedberg Incident Response Team reverse engineered the forensic evidence of breaches5 to identify critical attack vectors, which we have mapped to ransomware supplemental questions and key critical controls that help prevent ransomware attacks.
We have developed two ransomware bundled offerings leveraging our proactive and reactive tool kit to help you work to close your cyber security gaps:
1. Ransomware Readiness: helps you address the critical controls needed to help prevent hackers from deploying ransomware.
- We help align ransomware defenses and assess capabilities against attack scenarios leveraging our proactive security professionals, while combining scanning and vulnerability assessment solutions to deliver a Defense in Depth approach.
2. Ransomware Protect: can help you determine if an attacker has already successfully
breached your environment.
- We applied our deep experience handling some of the largest, most difficult cyber investigations to create a leading-edge framework that includes tooling and scanning to help unearth attack vectors, attacker techniques and indicators, and provide ongoing visibility into risk exposure. We have coupled this tested framework with access to seasoned security advisory professionals to offer you tailored support.
- Our ransomware solutions provide the infrastructure to help identify and work to improve your cyber posture prior to placing insurance, reduce the likelihood of an incident, and help position you to secure coverage.
Why Us
Aon is the only firm that can manage cyber risks proactively and reactively across the entire cyber ecosystem and through the insurance lifecycle.
Looking to safeguard your organization? Find out how our cyber security solutions can help you. Interested in learning more about the ransomware bundle? Call us +1 212.981.6540
Source
1 Source: Risk Based Security, analysis by Aon. Data as of 1/5/2021; Ransomware payment per Coveware Ransomware Report as of 11/4/2020
2 “Cyber Security Ventures,” https://www.thesslstore.com/blog/ransomware-statistics/
https://www.sdxcentral.com/articles/news/ransomware-attacks-spike-148-amid-covid-19-scams/2020/04/
3 Source: Aon’s Cyber Solutions U.S. Underwriter Survey, January 2021
Guidance is provided through Aon’s proprietary survey of the top 12 E&O/Cyber insurers Aon trades with. This is not proposed pricing, or guidance specific to a particular insured’s program. This is portfolio level guidance offered by underwriters who participated in the survey.
https://www.aon.com/cyber-solutions/thinking/consider-these-10-critical-steps-to-prevent-and-detect-ransomware-threats/
4 Data on security performance trends were drawn from Aon’s Cyber Quotient Evaluation (CyQu), an online (CyQu), an online cyber risk assessment. 996 organizations representing 20 industry groups and spanning North America, Europe, Middle East and Africa, and Asia-Pacific.
5 Hundreds of ransomware cases examined in 2020.
6 McMillan, Robert and Ryan Knutson. “Yahoo Triples Estimate of Breached Accounts to 3 Billion.” The Wall Street Journal, October 3, 2017.