DarkReading.com reported that “Organizations lack sufficient levels of cyber-insurance coverage to protect themselves in case of a ransomware attack, with just 14% of businesses with 1,400 or fewer employees boasting coverage limits above $600,000.”  The August 11, 2022 article entitled “Cyber-Insurance Fail: Most Businesses Lack Ransomware Coverage” included these comments about a “BlackBerry and Corvus Insurance survey of 450 business decision-makers for IT and security solutions”:

Nearly six in 10 (59%) of respondents said they hoped the government would cover damages when future attacks are linked to other nation-states, and fully half of small to medium-size business (SMB) respondents said they hoped Uncle Sam would increase financial aid in all ransomware incidents.

The survey also revealed that the increased software requirements demanded by insurance brokers is making cyber insurance harder to get — more than a third of respondents said they had been denied coverage due to unfulfilled endpoint detection and response (EDR) software requirements.

Overall, the findings indicated that even when organizations do have cyber insurance, the coverage lacks critical elements, with 43% of survey respondents not covered for auxiliary costs, including court fees or employee downtime.

What about your company?