SP&T News

News cybersecurity
Blackberry study shows SMBs ill-prepared for ransomware attacks

August 11, 2022  By SP&T Staff


Adobe Stock.

A study from Blackberry Ltd. and Corvus Insurance says only 19 per cent of businesses have ransomware coverage above $600,000, while more than half (59 per cent) hope the government may cover damages for future attacks that are linked to other nation-states.

Furthermore, an increasing number of businesses are worried about how they would manage in the event of ransomware attack. Like other studies, Blackberry’s and Corvus’s has shown that small to medium sized businesses are the preferred targets of cybercriminals. According to a Forrester report, the typical data breach cost an organization an average of $2.4 million to investigate and recover.

“Not only are there more ransomware threats than ever, but the criminals are more ruthless. They will iterate threats and wait patiently in order to extract maximum damage,” said Shishir Singh, executive vice president and CTO, Cybersecurity at BlackBerry in a statement.

“For uninsured and underinsured organizations, this potentially puts them in extreme jeopardy. The cyber underground is increasingly sharing learnings and partnering to make threats as efficient as possible. It’s vital businesses strengthen their security posture against these threats by supplementing insurance with a prevention-first software approach that lowers their overall risk.”

Advertisement

The study also showed that many businesses operate on cybersecurity coverages that are not properly tailored to their current situation. For example, more that one third of respondents said they did not have coverage for any ransomware payment demands. Another 43 per cent said they do not have coverage for auxiliary costs such as court fees or employee downtime.

Cyber-insurance has also become harder to obtain as software requirements continue to increase under the counsel of insurance brokers. Over one-third of respondents have been denied coverage due to not meeting specific Endpoint Detection and Response software requirements.


Print this page

Advertisement

Stories continue below