Reading Time: 2 minutes

Providing the Right Information to Brokers and Underwriters, Including a Statement of Ransomware Resilience and Other Documentation, May Help Secure Better Terms

SAN JOSE, Calif.—July 20, 2021—The latest highly publicized ransomware attack, a cyber-extortion incident against Kaseya, has fueled interest in cyber insurance. In an attempt to reduce their cyber insurance costs, organizations are seeking to demonstrate they have systems in place that provide data resilience.

As a result, Panzura has recently experienced intensified demand from firms looking to better understand their options, according to Glen Shok, vice president of strategic alliances. The company provides secure global file-system solutions for managing, accessing and storing unstructured data in large organizations.

Before sitting down with insurers to review their security practices and coverage options, Shok advises these organizations to prepare a comprehensive risk assessment. “Insurers want both prevention and recovery controls in place, including an analysis of the value and nature of insured data. This has the potential to reduce risk for the business and insurer alike, and result in lower premiums,” said Shok.

He suggests they talk to their technology partners and software vendors to obtain a Statement of Ransomware Resilience (SoRR) which may be considered by insurers when negotiating direct written premium and standalone policies. Panzura offers these statements to customers and works with them when they request additional documentation for insurance purposes.

Cyber insurance prices are driven by the need for risk management and the growing incidence of network intrusions, data theft and ransomware exploits. Fitch Ratings reports that direct cyber insurance premiums increased by over 22 percent in 2020 to approximately $2.7 billion with momentum continuing into this year.

Shok said insurers have responded to the ransomware crisis in various ways including limits on claims payments and tying payments to policyholders’ actions.

“Insurance policies may contain requirements to proactively shield networks and data from infection by deploying solutions for prevention, protection and recovery.  We want our customers to understand the benefits of getting the right information to insurers as they look to secure better terms or modulate rate increases,” remarked Shok.

Panzura’s CloudFS is a global file system that is inherently resilient to ransomware and other malware threats through data immutability. Organizations that use CloudFS to manage, store and access their unstructured data are less likely to need to pay a ransom to regain access to data held in the Panzura file system, even if subjected to an attack. Data stored by CloudFS cannot be encrypted because the system maintains an unalterable, clean data set.

Notes to Editors:

  • Hard market pricing is being used by insurers to offset claims, along with tightened terms and conditions, and more stringent risk selection. Brokers are trying to get more and better information from their clients to underwriters, in order to secure better terms. See “Cyber insurance and the ransomware revolution” (Insider Engage, 24 June 2021).
  • Some insurers are making payments contingent upon policyholders’ actions. They assess whether data has been backed up sufficiently to resume operations within a reasonable period of time, without the payment of a ransom. See “How are cyber insurance companies assessing ransomware risk?” (Dark Reading, 26 May 2021).
  • More than 80 percent of all data at large organizations is unstructured. It is more difficult to store, analyze and access than other types of data. This includes sensitive and highly regulated healthcare and financial data, and petabyte-size enterprise files. See “Structured vs. unstructured data” (Datamation, 21 May 2021).