Managed Services Raleigh is like IT insurance

03 Sep 2019

ProPublica says cyber-insurance companies are making the push to pay ransom demands because it saves them money in the long run.  A $500,000 payout makes better financial sense than  a recovery campaign that could cost millions.  The recent even in Lake City, Florida is a good example.  Ransomware attacks were covered under the city’s cyber-insurance policy.  The city paid the ransom, choosing to shell out $10,000 in deductible instead of the cost of a prolonged recovery which would have exceeded its $1 million coverage limit.  The city also wanted to resume normal services as quickly as possible.

Michael Lee, a sergeant in the Lake City Police Department said, “Our insurance company made [the decision] for us.  At the end of the day, it really boils down to a business decision on the insurance side of things: them looking at how much is it going to cost to fix it ourselves and how much is it going to cost to pay the ransom.”  In August alone, over  22 Texas municipalities were victims of ransomware attacks.  The number of attacks is only projected to continue to rise.

The cybercriminal isn’t the only one who gains from ransom payouts.  “In recent years, cyber insurance sold by domestic and foreign companies has grown into an estimated $7 billion to $8 billion-a-year market in the US alone, ” stated Fred Eslami, an associate director at AM Best, a credit rating agency that focuses on the insurance industry.   Paying the ransomware demands often goes public, spreading fear of attack to businesses and government organizations.  Fear equals increased buying of cyber-insurance policies.

The FBI maintains its stance that paying ransoms only serves to spread cybercrime and possibly fund terrorist regimes.  But insurance companies say that isn’t their problem.  “The onus isn’t on the insurance company to stop the criminal,” said Loretta Worters of the Insurance Information Institute. “Their objective is to help you get back to business.”

And with many victims of ransomware attacks facing weeks of recovery time on their own, many are choosing the quickest way out to mitigate their loses. “They’re going to look at their overall claim and dollar exposure and try to minimize their losses,” said Eric Nordman, a former director of the regulatory services division of the National Association of Insurance Commissioners. “If it’s more expeditious to pay the ransom and get the key to unlock it, then that’s what they’ll do.”

The City of Baltimore makes an excellent point of reference for the damages not paying ransom can cause an organization.  With no cyber-insurance, Baltimore refused to pay ransom demands and today has spent over $5 million in recovery efforts.  Likewise in Atlanta, who paid over $8 million now in recovery -related expenses rather than the $51,000 ransom demanded last year.  Looking at numbers like that, it’s easy to see why paying off the attacker may be in not just the insurance company’s best interest.

“The insurer is the one who is going to get hit with most of this if it continues,” said Lee. “And if they’re the ones deciding it’s still better to pay out, knowing that means they’re more likely to have to do it again—if they still find that it’s the financially correct decision—it’s kind of hard to argue with them because they know the cost-benefit of that.”

Schedule an Appointment

Schedule an Appointment

    Our clients are awesome!

    Based on 55 reviews.
    Jeremy Richards
    Jeremy Richards
    2020-03-13
    Petronella provides great advanced digital marketing and automation solutions for my business!
    Kate Swenson
    Kate Swenson
    2020-02-14
    Highly recommended for CMMC certification assistance! Excellent and affordable options for secure data hosting on local infrastructure. 5 stars!
    Tom Matzen
    Tom Matzen
    2020-01-25
    Petronella Technology Group helped us setup our sales and marketing automation, cybersecurity and compliance for our new Blockchain startup. Great to work with! Craig in particular really knows his stuff, can translate into non-tech speak, and has wisdom beyond his years. Highly recommend them.
    Justin Summers
    Justin Summers
    2020-01-14
    Craig is awesome! He is very professional and efficient with his work. I would definitely recommend Petronella Technology to anyone who needs state of the art service.
    Blake Rea
    Blake Rea
    2020-01-14
    Craig is an expert in his field. Impressed by his knowledge, A true pioneer in Cybersecurity. My business is safer thanks to Petronella Tech!
    Robert Friedman
    Robert Friedman
    2020-01-10
    For the last five years Craig has been the Contributing Editor for Cybersecurity for NC Triangle Attorney Law Magazine which I publish. His base of knowledge is always leading edge, pragmatic and early to understand for our readers who are not techies. He is patient and easy to work with.
    Tammy Everett
    Tammy Everett
    2020-01-10
    Craig Petronella, CEO of Petronella Technology Group provided the members of the Defense Alliance of North Carolina expert advice on cybersecurity and NIST compliance. Eye opening experience! Thanks so much!
    Julie Brown
    Julie Brown
    2020-01-09
    Craig and the Petronella Technology Group, Inc. team made HIPAA compliance for my small practice so simple and easy! They helped me with all of my HIPAA training, HIPAA Security Risk Assessment, Penetration Test, and HIPAA secure hosting so I can rest easy.
    Pivot Point
    Pivot Point
    2020-01-03
    Petronella Technology Group helped us with our marketing strategy for our new web startup. Awesome experience!!!!
    Richard Brunet
    Richard Brunet
    2019-12-30

    SCHEDULE AN APPOINTMENT

    Make It Happen Now

    CLIENT SUPPORT

    Don't Feel Stranded

    CONSULTATION

    Get Best Advice

    PAYMENTS

    Make A Payment

    Top