March 2, 2018 by Greg Meckbach, Associate Editor
Risk managers who teach employees what suspicious email looks like can drastically reduce the risk of being hit with ransomware, a commercial insurer executive said Wednesday.
Ransomware is when criminals hack into computer systems, encrypt files and demand a ransom from the computer owners to decrypt those files.
A lot of ransomware comes with “emails that look suspicious,” Elissa Doroff, XL-Catlin’s vice president of underwriting and product manager for technology and cyber liability, said in an interview.
Security and privacy awareness training is the best line of defence against ransomware, said Doroff, who is scheduled to speak April 18 at the RIMS Annual Conference and Exhibition in San Antonio, Texas.
Training a worker not to open a file attached to an email with the .exe extension is one way to reduce ransomware risk, Doroff advised. Another is to make sure that all software is updated with the patches provided by software vendors.
“Unfortunately, [patch updating] is a big job and companies take a while to push out the patches,” she said.
The RIMS session Doroff is scheduled to speak at is called Pay Up Or Else: Ransomware Risks.
Doroff said some law enforcement agencies will recommend against paying ransoms to decrypt computer data for two reasons: 1) there is no guarantee that you will get your files back; and 2) your organization will become known in the underground community as an entity that pays ransom.
But sometimes there is a business case for paying ransom, Doroff noted. “If the data held is mission-critical, if it’s something that you actually need, if it involves health or safety considerations, and the data can’t be restored, then sometimes you just have to pay it. It comes down to how important is the data.”
XL-Catlin cyber clients “have paid plenty of times because they need the information,” Doroff said. Claims costs arising from ransomware tend to range from $5,000 to US$75,000, she said, adding that the average claim cost is US$40,000. The cost includes both the ransom itself and computer forensic costs such as investigating the malware. Ransomware tends to be much less expensive than privacy breaches because privacy breaches sometimes result in class-action lawsuits, Doroff noted.
Canadian Underwriter is a sponsor of the RIMS 2018 Annual Conference & Exhibition, taking place April 15-18 in San Antonio, Tex. To register or obtain more information, visit the event website.