P&C

Nice data you got there…

Robert Wice, U.S. Focus Group Leader for Technology, Media, and Business Services, Beazley
Posted on August 28, 2014
Q
Ransomware has been making news this year, what is it?
A
Ransomware is somewhat of a new term, but essentially what it involves is a hacker getting into a corporate network and stealing or encrypting information so authorized users can’t get in. Unless the authorized users—it could be anyone from IT to the C-suite—pay a certain amount of money, the hackers aren’t going to decrypt it, or they’re going to expose or divulge the information, which is usually personal information. The risk is that the organization can’t access the data that it needs to conduct everyday business. Even more of a problem is that the information that was entrusted to them is potentially going to be disclosed in an unauthorized way.
Q
How serious is the threat?
A
There are certainly a lot more publicly disclosed ransomware attacks and other cyber extortions out there. It’s not going away. These days, it’s seen as a relatively easy way to extract money from people through the use of Bitcoin, which is obviously less regulated. Whether the companies that are the victims are actually paying the ransoms is up for debate, and unknown, because they might not be notifying the people they need to that their information was disclosed. The authorities are looking to make sure the companies that are targeted by these threats are reporting them.
Q
How do you deal with it?
A
Essentially, it’s locking down the perimeter and having in-depth defense and layered security. Security awareness training is a big part of making sure people internally are not allowing bad actors to get in. From a technological standpoint, network security, intrusion detection, data loss prevention techniques, firewalls and encryption are all tactics to be used. They all have to be working in conjunction with the IT security personnel to make sure, if bad guys get into the network, they’re detected, they are monitored and they are booted out. It’s inevitable that a breach is going to happen. It’s what happens afterwards that counts.
Q
Are there new and more imaginative threats out there?
A
Where there’s a will, there’s a way. A lot of great minds are not being used in the right way. The perpetrators of these crimes are always trying to find the opportunity to make a quick buck.

More in P&C

Property & Casualty Hard Market Turns 6
P&C Property & Casualty Hard Market Turns 6
It may not happen immediately, but signs point to softening of P&C rates.
P&C Small Business Cyber Risk Represents a Big Opportunity for Agents
Q&A with Joshua Parrish, Executive Vice President at RT Specialty
Sponsored By RT Specialty
Broker Playbook for Flood Risk
P&C Broker Playbook for Flood Risk
Your clients must take steps to mitigate, prepare for and quickly respond to flo...
Lifestyles of the Rich and Risky
P&C Lifestyles of the Rich and Risky
Affluent insurance customers may not be protecting themselves against increasing...
Farm Bill Idles
P&C Farm Bill Idles
Congress will need to overcome election-year paralysis to fi...
Premium Increases Slowed But Challenging Conditions Remain
P&C Premium Increases Slowed But Challenging Conditions Remain
The Council’s Commercial P/C Market Index for Q4 is here.
Third-party involvement is creating an environment that is not core to what the insurance policy is intended to address and cover.
P&C To Whose Benefit?