Adrian Scott, head of cyber and managing director of international and financial lines at Pen Underwriting, explores whether ransomware threats across the pond will hit the UK with the same severity.
No delegate attending last month’s BrokerFest could have emerged from the cyber conference stream under the illusion that ransomware is an issue reserved only for the big brands or largest of companies.
The message was clear: ransomware incidents are not just happening in the US but in the UK as well; demands are being issued, ransoms negotiated and payments made.
But it’s also true that the UK experience — especially for small to medium-sized enterprises (SMEs) — currently bears little resemblance to what we are witnessing in the US, where growth in ransomware is nothing short of exponential.
Broker delegates attending BrokerFest on 11 February were understandably keen to understand and try to quantify the potential risk facing their UK clients. My first question from the floor was no surprise: is the current US ransomware experience inevitably UK-bound?
An escalating threat
Well, what happens over in the US tends to get exported here, as we know. If this was true of class action lawsuits and Disney, why not cyber claims?
But forecasting with any accuracy is predictably problematic. That said, Pen Underwriting does have something of its own barometer.
At any one time, there are around 16,000 Pen Underwriting cyber policies in force in the US with SME businesses. And ransomware incidents have ramped up considerably over the last 12 months.
In 2018, we saw 50 claims involving ransomware among our US SME clients. In 2019, we hit that 50 mark within the first six months. So the frequency is up but, more importantly, the size of ransoms is skyrocketing too.
In 2018, these were averaging about $30,000 to $40,000. Now the average payment is around $90,000. We have seen requests in the hundreds of thousands and even anecdotally heard of seven-figure payments — and, don’t forget, these are SME businesses.
This stark trend in cyber extortion is certainly one UK brokers should be concerned about on behalf of their clients — especially with figures showing only 10% of SMEs are buying cyber insurance policies.
But, what they mustn’t forget is that the ransom itself is only one small part of the overall cost of an attack.
The specialist skills of fast-acting incident response teams, which can release a business from the paralysis placed on it by a ransomware attack, are what unlock the true value of a cyber insurance policy and minimise significant consequential loss.