Increased ransomware attacks have led to dramatic hikes in the cost of cyber insurance. As prices rise, insurers are imposing tougher conditions and companies that haven’t been carrying cyber insurance may find the cost to be a barrier to entry.

“It is a challenging moment, we have seen the pendulum swing toward it getting harder” to obtain insurance, said Tamara Bruno, a Pillsbury partner who represents policyholders. “We’re seeing lower limits, higher premiums and it’s getting harder for entities that haven’t previously had cyber coverage to get it.”

Bruno said, “If you’ve been a cyber insurance holder, you’re in a better position though there are rate increases. Companies without cyber insurance are finding entrance into the market to be prohibitive.”

She said policies now contain additional “conditions” in areas ranging from security controls to “who has to authorize transactions” for coverage of intercepted transactions.

“There had been quite a loosening of cybersecurity checks before [the rapid escalation of ransomware attacks] where companies were given coverage with less examination of their practices. That’s tightening amid ransomware conditions,” Bruno added. “I expect to see more conditions and for insurers to look more closely at all entities.”

Pointing to smaller entities that may find the price of entry into the insurance market to be prohibitive, Bruno said such companies “need more information” including “guidance and guidelines” and “more transparent information on who to contact, how to get their systems back online and things like how do you pay ransoms in crypto.”

Read the full article here.