TORONTO — Companies looking to purchase insurance against cyberattacks in which their data is held for ransom will soon find it more expensive and difficult to obtain, a cybersecurity expert says.
Brent Arnold, a partner at law firm Gowlings WLG in Toronto, says the U.S. insurance industry has already tightened its requirements for providing coverage for criminal ransomware attacks.
The cyber insurance industry has become a primetarget for criminals seeking its customers’ identities and scope of coverage. Knowing what victims can afford to pay can give them an edge in ransom negotiations.
Arnold says he hasn’t seen any examples of Canadian insurance companies that have been hit by cyber attacks, but he expects higher rates and stricter conditions for clients who want cyber insurance, following a trend that’s already emerged in the United States.
An index from the Marsh McLennan insurance group registered a 35 per cent year-over-year increase in U.S. rates in the first quarter of this year, following a 17 per cent increase in the previous quarter.
The U.S.cyber insurance industry is now teetering on the edge of profitability, upended by a more than 400 per cent rise last year in ransomware cases and skyrocketing extortion demands. As a percentage of premiums collected, cyber insurance payouts now top 70 per cent, the break-even point.
– With files from The Associated Press