Will Cyber Insurance Cover Nation-State Attacks in 2023?

essidsolutions

In August 2022, Lloyd’s of London announced that it would require its underwriters around the world to exclude major state-backed cyberattacks from common stand-alone cyber insurance policies. The worrying increase in the number of cyber attacks in recent years could be the reason for this decision, which is likely to be followed by other players in the insurance industry for the foreseeable future.

Increase in Cyber Attacks Post-Pandemic Makes Underwriters Wary

According to a Deloitte report, the proportion of previously unseen cyber-attacks has risen from 20% before the pandemic to more than 35% after COVID-19. Sophisticated forms of phishing and machine-learning-based attacks have witnessed a notable increase.

With the high dependency of people and organizations on cyberinfrastructure and impacts on physical assets, losses to insurance underwriters can become extremely large and beyond the capacity of insurance companies to absorb. Consequently, insurance companies now require clauses to exclude liability for losses incurred in nation-state attacks.

Cybersecurity has become deeply linked to geopolitics

In recent months, organizations across Ukraine have been victims of significant phishing, DDoS, disinformation, and cyber-physical attacks. The impact of cyber attacks is known to spill easily across geographic lines.

Furthermore, other organizations in Europe have also been attacked by malicious actors based in China after the start of the invasion. The problem is compounded by the involvement of non-state players such as hacktivist groups.

Cyber attacks involving nation-state actors will likely continue for the foreseeable future, with multiple potential physical flashpoints between countries. Tensions of war-like environments adversely affect situational awareness among companies and exacerbate panic on a global scale.


Challenges to excluding nation-state attacks

While avoiding coverage for nation-state attacks might seem an obvious solution to underwriters, this approach does not come without its challenges.

It is challenging for insurance companies to adequately prove that a cyber attack is a nation-state attack. Most actors behind large-scale events make efforts to hide their tracks and origins. Consequently, it is difficult to know whether a cyber attack is driven by government or private motives.

Also, actual nation-state attacks are carried out by third-party actors and not actual government bodies. These third parties often carry out their own private attacks. So for an insurance company, ascertaining whether an attack was backed by nation-state motives is always going to be difficult. The burden of proof in such cases often falls on insurers, which is no small gift to companies seeking coverage.

Courts and Law Enforcement Will Play Critical Roles 

Although not mandatory, investigations by government intelligence and security organizations are the primary deciding factor in attributing a cyber attack to nation-state players. So, bodies such as the Federal Bureau of Investigation are likely to be looked to for declarations of nation-state attacks, which will further have to be proven in courts, allowing insurers to deny coverage for such attacks.

In cases where law enforcement agencies and courts cannot provide conclusive evidence, the burden of proof will likely fall on the insurer, which will have to rely on its own available resources to deny coverage.

However, despite all this, the rapidly rising numbers of nation-state attacks raise questions on the usefulness of purchasing cyber insurance policies if an increasingly common security concern is not being covered.


Early Detection and Real-Time Intelligence Could Solve the Problem

As the number of cyber-attacks increases, so will the number of companies seeking insurance. The number of cyber insurance policies increased by 90% between 2016 and 2020.

However, companies will now require detailed cybersecurity strategies to qualify for insurance. Getting cheap insurance with minimal security infrastructure will likely become a thing of the past. The overall value of insurance policies has gone up by 60% in recent years.

The rise of IoT is now creating new threats, where attacks are expected to be able to move between connected devices, exploiting extensive data sharing and connectivity. Conventional security tools such as individual passwords are also likely to lose popularity in the near future. Biometrics, EDR, and MFA are some technologies that will gain traction instead.

Nation-state attacks in the future will be able to affect a wide variety of targets aside from businesses, including energy infrastructure and automated EVs. With the large-scale ramifications of nation-state attacks, preventative measures are expected to gain value across industries. This can include using behavioral analytics to detect abnormal activities in a system or network, including the potential theft of credentials. Such moves will allow an organization’s security team to take quick steps to thwart future actions by malicious actors.

Using such real-time intelligence in multiple organizations can even help governments take timely action against nation-state attacks, protecting critical infrastructure, a lot of which is owned and controlled by a country’s private sector. Such an approach will change the security infrastructure from reactive to proactive.
