Looking Back At Ransomware in 2020 and What's Ahead In 2021
SolarWinds Breach Puts Federal Agencies and More at Risk
As 2020 came to an end, much of the cyber world turned its attention to the SolarWinds data breach and its potential ramifications. CNN and BitSight provided informative introductions to this particular incident and insightful guidance for organizations aiming to assess supply chain risk. As the discovery stage continues, it will be essential to stay informed as more details continue to come to light. This makes resources like Security Week's update feed important to monitor. These events should serve as a reminder that cybersecurity is a multifaceted exposure. While 2020 was dominated with headlines centered around Ransomware and the evolving privacy landscape, organizations must also keep things like supply chain risk on their radar when developing a comprehensive cybersecurity program.
A Year in Review: Ransomware
When asked to review the 2020 Cyber story, most within the cybersecurity industry would likely start with something tied to Ransomware. A recent article in Business Insurance with data supported by Beazley shows why Ransomware is top of mind for most; stating that ransomware costs doubled in the first half of 2020 alone. Another article from NetDiligence touches on reasons for Ransomware events becoming so significant, including the variety of insuring agreements (losses) that can be triggered, backups increasingly being targeted, and a rising demand value. On a regional level, the attack on Baltimore County Public Schools in late 2020 highlights the need for comprehensive protection from Ransomware threats. A recent Baltimore Sun article covers an audit from the State of Maryland that found several significant risks within the school system's network. As Ransomware activity is anticipated to continue into 2021, it is more important than ever for organizations to implement securities and procedures to mitigate the likelihood and magnitude of a ransomware event.
Looking Forward to 2021
As cybercriminals continue to become more sophisticated and the size of claims continues to grow, cyber insurance carriers are forced to take underwriting actions to reduce exposure. As a result, you should expect increased premiums, possible reductions of policy limits in larger accounts, and higher underwriting standards. Although not all-encompassing, an article from D&O Diary outlines 11 underwriting standards that will more than likely be reviewed during your next cyber renewal. Additionally, this piece includes suggested steps to take that may reduce the impact of changes to your cyber renewal and reduce your overall cyber liability exposure.
COVID-19 Update and Review
The topic of cybersecurity has undoubtedly been on all boards' agendas before COVID-19. However, the pandemic has brought extensive challenges and concerns for boards to address in overseeing cyber. An article from Harvard Law provides insights into considerations that directors can address to help their organization with the increasing cyber challenges spurred by the pandemic. The report also outlines questions that directors can ask to assist in their oversight role for the organization.
RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond.