SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Case study: Why cybersecurity insurance is essential for your business

Mon, 31st Oct 2022
FYI, this story is more than a year old

Death and taxes are inevitable. So too is the rise of cyber incidents hitting organisations where it hurts most: the bottom line. The Singapore Cyber Landscape (SCL) 2021 report from the Cyber Security Agency of Singapore (CSA) shows dramatic increases in cybercrime activity, with ransomware and phishing attacks featuring prominently as criminals seek to profit from their misuse of the internet. Combined with several examples of claims resolved by Delta Insurance's cyber lines, this confirms that every Singapore-based organisation must consider mitigating the risk of a hack or malware as serious consequences can flow from even minor business disruptions.

Released in August 2022, the SCL report tracked a 54% increase in ransomware attacks through 2021 over the year prior, noting that it is mostly small-and-medium enterprises (SMEs) being targeted. Locally hosted phishing sites were significantly up, increasing by 17% over 2020, while the presence of Malicious Command and Control Servers and Botnet Drones tripled in the period. It also noted that the Singapore Police Force reports that cybercrime is a key concern, with 22,219 cybercrime cases in 2021, representing a 38% increase from 2020.

"This tells us one thing for certain: cybercrime is here to stay because it pays for the cybercriminals," says Sebastian Phua, Delta Underwriting, Financial Lines Manager for Southeast Asia. "For hackers this is a business, and they are often organised syndicates with strong specialties, enhancing their ability to carry out successful attacks which leave your business out of pocket, or worse, out of action while you attempt remediation."
Sebastian says this is borne out by CSA's observation that cybercriminals use cloud services in much the same way legitimate organisations might source software or other resources. "The criminals leveraged Ransomware-as-a-Service. That means even amateur hackers can access the tools required to target your business."

Demand rises for cybersecurity insurance

Cybersecurity insurance is increasingly critical for businesses of all kinds as it provides financial mitigation and remediation, helping the insured party eliminate the threat, restore regular operations, and address any legal, compliance and reporting obligations. Cover often extends to reputation management, too. "While large companies tend to have in-house information security teams and access to the specialists necessary for protection, prevention, remediation and resolution, smaller businesses can't afford these resources," notes Sebastian. "We are seeing increasing demand for cyber insurance as SME owners understand the risk and look for solutions to mitigate it."

A recent report from Mordor Intelligence titled 'Singapore Cyber Liability Insurance Market- Growth, Trends, Covid-19 Impact And Forecasts (2022-2027)' confirms his view. The report states, 'Various [malware] not only affect individuals but also increasingly affect enterprises. This has increased the need for cyber liability insurance'. The report adds, '70% of the cyber-attacks are targeted at [SMEs] as they are more vulnerable because of their lack of resources, weak network security/IT infrastructure, and lack of education for employees related to cyber risk'.

"Being small and medium in no way prevents you from being a target. Every organisation is in the crosshairs, and the methods used by hackers are increasingly sophisticated, including automated systems and often a highly professional approach," Sebastian asserts.

He says prevention is far better than cure. "But if prevention isn't possible, cybersecurity insurance certainly acts as an important safety net for businesses."

Claims demonstrate value

Delta offers comprehensive cybersecurity insurance providing support for business interruption (covering loss of profits if IT systems are attacked), Third Party Liability, Hacker Theft Cover if funds are stolen, Network Extortion, Triage & Breach Consultation by appointing IT specialists or law firms as appropriate, Costs to Restore, Data Forensic Services analysing root-causes, and even Public Relations expenses helping manage your reputation in the wake of a breach. It also offers Notification Services and Credit Monitoring, preventing damage from identity theft, and provides advice on mandatory breach reporting under the Privacy Act.

Three claims recently handled by Delta demonstrate how cybersecurity insurance saved the day.

Leisure club: Personal information for sale

A government agency notified a leisure club their members' personal information was for sale in a hackers' forum. After contacting Delta through the 24/7 breach response hotline, the insurer carried out a triage assessment, then engaged a forensic consultant to investigate.

This showed evidence of a web security vulnerability exploit. With the hack identified, a patch curtailed the attack. Legal remediation included notifying relevant parties of the data breach and updating members of the status of their personal information. Supported by Delta's crisis management team, the club acted quickly, minimising damage and swiftly containing the situation. The total cost of remediation was almost $150,000, including forensic investigation, legal, customer notification and PR costs - fully covered by the Cyber Liability policy.

Telecoms: Ransomware attack

A regional telecommunications service provider suffered a ransom attack, where subscriber information was copied with a threat to make it public if unless a sum of money was paid.

The company notified Delta, which within one day deployed a forensic consultant, and in 48 hours, investigated, secured evidence, and contained the breach. A law firm concurrently provided legal advice, notifying relevant authorities, while a public relations firm provided reputational management and communications support. Complimentary credit monitoring services were provided to affected customers.

Costs of some $400,000 were fully covered under Delta's Cyber Liability policy. This included forensic work, legal expenses, credit monitoring services, negotiation services, customer notification, and PR services.

Retail: Password compromise, ransomware demand

A weak password led to a hack and disablement of a midsized retailer's website and online storefront, with the theft of more than 150,000 personal records and a ransom note demanding payment. After activating its insurance policy, Delta secured evidence of the breach, contained and terminated the threat, and secured and restored the retailer's systems. Delta breach response partners provided support by notifying the privacy regulator and the public, rapidly resolving the crisis. Delta's Cyber Liability policy covered costs exceeding $200,000.

Looking for cyber insurance? Start with your security posture

The prevalence of cybersecurity incidents means insurers must take a rigorous approach to underwriting any risks; an inadequate security posture is a sure way to lose a lot of money fast, and that extends to insurers that haven't adequately priced the risk. Sebastian, therefore, notes that acquiring cyber security insurance is a rigorous process, with the insurer examining your environment and assessing your threat surface. "This is a useful process because it helps show where you stand," says Sebastian. "If an insurer is prepared to offer cyber cover, it means your security posture is suitable. If no cover is offered, consider yourself exposed and know that some effort is required to protect your organisation from cyber threats."

Delta Insurance Singapore is a specialist underwriter of niche products, with specialist expertise in cyber and technology.