• Call: (888) 472-4262
  • Client Access
Graham Company
  • Call: (888) 472-4262
  • Who we work with
    Construction Manufacturing & Distribution Health & Human Services Real Estate Financial & Professional Services Other Industries
  • What we do
    Property & Casualty Employee Benefits Surety Services Personal Lines Cyber Solutions Our Specialties
  • Who we are
    Our History Our People Our ESOP Our Community
  • Our Difference
    The Graham Way Innovation Technical Development Safety Services Claims Management
  • Careers
    Our Job Board
  • Knowledge Center
Webinar Recap: Cyber Attack and How to Fight Back

November 10, 2021

Webinar Recap: Cyber Attack and How to Fight Back

With cyberattacks continuing to grow in prevalence, impact and sophistication, Graham Company held a webinar last month titled “Cyber Attack and How to Fight Back”. The goal was to provide our clients and leaders across various industries with updates on the ever-changing cyber landscape and best practices to implement into their business strategy. Let’s dive into a few of the panelists and the topics they discussed.

Cyber Insurance Marketplace Update

Margaux Weinraub, Cyber Practice Leader at Graham Company began with an overview of the current cyber insurance marketplace– and the increased underwriting scrutiny organizations must anticipate to find coverage. The cost of cyber insurance increased to 25.5% in the second quarter of 2021, where other lines had moderate increases compared to previous quarters1. The primary reasons are rise in ransomware attacks, lackluster risk management protocols, and lack of employee training.

In addition to the standard application process, carriers are also utilizing external scans, additional questionnaires, and having calls with IT leadership at an organization to learn more about its cybersecurity environment. Furthermore, carriers are limiting aggregate coverage capacity to $5 million and expecting organizations to share the risk exposure by increasing the self-insured retentions and adding coinsurance in the event of an incident.  

Margaux further noted that when a company assesses its insurance needs, it should go beyond looking at their internal infrastructure – posture and strength of their internal technology. They need to also include the inherent risk of their industry and external threats like what tools and techniques do cyber threat actors (person or group that take malice or hostile actions using computers, devices, systems, or networks) have that could compromise their organization.

2020 Threats and Threat Actors

Carolyn Purwin Ryan, Partner at Mullen Coughlin, shared staggering statistics surrounding recent ransomware threats that Mullen Coughlin clients have had to deal with. As of August 2021, the average ransomware demand was $1,975,188.29, with a typical payment averaging $477,348.26, paid through cryptocurrency. While negotiations often help to reduce the payout, there is still a significant amount of money involved in these attacks including forensic investigation, legal fees, and data restoration expenses. And it’s important to realize that recent news stories about ransomware payments being recovered are the exception, not the norm.

She also shared with us the breakdown of ransomware-specific incidents by industry. As you can see, no industry is free of this threat – making it critical for every business to have a cyber risk plan in place.

source: Mullen Coughlin, LLC shared a breakdown of ransomware-specific incidents by industry. As you can see, no industry is free of this threat – making it critical for every business to have a cyber risk plan in place.

Preparing for an Attack

Perhaps just as important, a full recovery process from a ransomware attack usually takes about 10 days for businesses to be officially “back online”, creating additional loss of time, money, and resources. To avoid these long delays in production, we recommend allocating between 6-10% of your IT spend on cybersecurity. The most basic security measure that all businesses should have is multi-factor authentication (MFA), or additional sign-in requests for company servers. MFAs are easy to implement and help to remedy all the top threats, both established and emerging risks. 

We also heard from Graham’s Chief Technology Officer, Mike McIntire, who outlined how businesses can best conduct employee training, with people now on the front lines of cyberattacks. Instead of leveraging the traditional, annual training method, he recommended looking to inject day-to-day trainings like send phishing emails to employees on a regular basis. If the employee clicks on the link, they instantly receive training that explains what key signs they should have looked for. This allows the company to bring all employees up to speed on best practices, in a positive way.

While there were more topics covered in our webinar, what it boils down to is that business leaders need to be constantly evaluating whether they are doing what is necessary to protect their company, employees, data, and operations from any and all persistent threats. If you’re not sure about the answer, we’re here to help evaluate your unique risk and exposures and provide recommendations to suit your needs

1CIAB Q2 P&C Market Survey 2021

Margaux L. Weinraub,

CPCU, ARM, CPLP, CCIC, Cyber Practice Leader

mweinraub@grahamco.com

Share:
Tags: Cyber Liability Cyber Liability Insurance Cyber Liability Policy Cyber Risk Cyber Security Cybersecurity Cyber Extortion Cyber cyber attacks cyber insurance
RECENT POSTS
New Year, New Rules: Healthcare Transparency Rules and Plan Sponsor Obligations
New Year, New Rules: Healthcare Transparency Rules and Plan Sponsor Obligations

Apr 05, 2022

5 HR Technology Trends to Monitor in 2022
5 HR Technology Trends to Monitor in 2022

Apr 05, 2022

5 Mental Health Employee Benefits Trends for 2022
5 Mental Health Employee Benefits Trends for 2022

Apr 05, 2022

How to Combat "The Great Resignation" by Building Customized Benefits Packages to Attract & Retain Top Talent
How to Combat "The Great Resignation" by Building Customized Benefits Packages to Attract & Retain Top Talent

Apr 04, 2022

RELATED POSTS
Data Extortion Hacking Group "Lapsus$" Compromises Several High Level Organizations
Data Extortion Hacking Group "Lapsus$" Compromises Several High Level Organizations

Mar 23, 2022

The Russia-Ukraine War and its Cyber Security Threat Implications
The Russia-Ukraine War and its Cyber Security Threat Implications

Mar 10, 2022

Cyber Insurance Protection for 2022
Cyber Insurance Protection for 2022

Jan 24, 2022

A New Era for Cybercriminals: Easy access to inexpensive, large scale computing solutions driving increased cyber liability risk
A New Era for Cybercriminals: Easy access to inexpensive, large scale computing solutions driving increased cyber liability risk

Jul 01, 2021

Home
Contact
Events
Company News
News
Branding
Privacy Policy
Graham Company

Follow us

Graham Company
Home
Contact
Events
News
Branding
Privacy Policy

Follow us

Sign up for our Newsletter!

Thank you for your submission.

Sorry! something went wrong. Please try again.

© Copyright . The Graham Company. All Rights Reserved. Site by Brand X Republic