These attacks range from cybercriminals to nation-states and today’s attackers are more disciplined, sophisticated and aggressive than ever before. Moreover, the lines have long ago blurred between nation-state actors, organized crime and cybercriminals who operate hand-in-hand, directly and indirectly.
Cybercriminals are not the only threat post-impact. Some threats to businesses come from other legitimate businesses and even the government. For example, should you have cyber insurance, national state actors involved in an attack may be seen as ‘an act of war’. Thus, resulting in a denial of a claim regardless of whether you have cyber insurance – think Iran. Think – we are not at war with Iran. Think again; think cyberwarfare. Cyberwarfare is orchestrated across all levels, with hostile governments not only attacking our government; but a government’s lifeline, i.e., disrupting businesses and government revenue streams that collect from those businesses. Modern computers and our reliance on them allow these types of impacts to happen, regardless of the kind of business you are in. In short, if you are in business and you make revenue – your business is a target for cybercriminals and nation-state actors.
Insurers and counsel make excellent arguments to deny coverage and this could put you out of business. This isn’t theory; indeed, it was already an important factor in potential denial of coverage on a substantial confidential data breach Withum assisted on. Withum helped articulate appropriate damages and identified critical supporting materials and evidence findings to make the client whole again.
If you have cyber insurance or are thinking of getting it, consider carefully before you get that policy and well before an impact, whether the cyber incident response team and legal support team actually represent you or the insurer. Several insurance policy providers make you choose from a list of their “approved” incident response team of “experts.” Even if their findings are accurate, the damages may not be in line with appropriate recovery to make your business whole again.
Further, some carriers are using tools to scan your business for “open ports”. Think of an open port like an open physical backdoor for your business. It’s the same for cyber. These open ports are used by cybercriminals to install ransomware and extort your business. The insurers are using these open ports as a way not only to determine coverage, but their level of risk in underwriting policies and potentially to deny coverage post-incident. Withum’s Cyber team provides confidential “open port” scanning of your business and dark web scans to see if your business is being targeted by the dark web. This reporting lets you know well before impacts happen, as well as assists in determining your business’ cyber fitness. Learn more and request a confidential report.