TECHNOLOGY
He points out that every digital transformation aims to either enhance existing services or create entirely new services and revenue streams . With that background , the implications for conducting risk assessments are quite significant .
Understanding risk Looking at the entire picture of risk and making an accurate assessment of the threats companies face , is also part of the solution . But Bransome believes this is not being carried out in the majority of cases , because there is a lack of understanding in the space .
“ I believe that insurers in the past have not accurately understood the real-world security posture of the organisations they are offering insurance to ,” he says , but goes on to point out that the situation is improving .
“ However , insurers are now starting to respond better to the needs of clients in terms of policies becoming clearer regarding their scope and coverage . This is partly being led by their own losses , which have been significant , especially with the rise in hugely costly and frequent ransomware attacks .”
Bransome also highlights the fact that there is now much more scrutiny being applied by underwriters to organisations applying for cyber insurance . Insurance companies are also utilising technology to help assess client technical and organisational security controls to get a clearer understanding of their security posture and potential risk . “ These technologies include a multitude of opensource intelligence signals and active scanning techniques to build a risk profile that can directly affect the premium ,” he says .
Trends in the cyber risk space According to a recent survey report by Veronis , ransomware attacks have increased by 148 % since the pandemic began . The
“ Ransomware is going to be a continuing problem into 2022 , especially at the rate of development we are seeing with organised Ransomware groups ”
ALEX BRANSOME , CHIEF INFORMATION SECURITY OFFICER , DOHERTY ASSOCIATES
hacking arena is a highly organised network of gangs that operate globally - and insurance companies are high on the target list due to the amounts of sensitive data that they hold .
Bransome says , “ Ransomware is going to be a continuing problem into 2022 , especially at the rate of development we are seeing with organised Ransomware groups . The increasingly advancing tactics and techniques used by these cybercrime groups , coupled with the commercialisation of professional , easy to use Ransomware-as-
66 November 2021