How to Navigate the Rising Costs of Cyber InsuranceReckitt Benckiser's Diktesh Singh Puri on When to Pay or Not Pay Ransom Demands
As ransomware attacks grow, cyber insurance costs are skyrocketing, leaving small to midsized firms with tough decisions about insuring against threats, beefing up security and whether to pay or not pay ransom demands, says Diktesh Singh Puri, IT and cloud operations head at Reckitt Benckiser Group, an Anglo-Dutch multinational consumer goods company headquartered in England.
Most large enterprises are relying on cyber insurance to underwrite their ransomware risks, but insurance costs could be prohibitive to smaller organizations. Decisions about coverage are similar to choosing a homeowners insurance policy, Puri says.
"I can protect myself but I don't know all the doors in my house," he says. "There will be some leak somewhere that will let someone get into my house. Once he does the damage, do I have to pay from my pocket or an insurance policy? ... I know the damage can't be recovered but at least I have some backup."
Puri advises estimating the value of potential losses and deciding "whether you need to pay a ransom or not." He says the right decision depends on the risk appetite of the business and the cost of cyber insurance premiums.
In this video interview at Information Security Media Group's Cybersecurity Summit in New Delhi, Puri also discusses:
- The latest trends in cyber insurance premiums;
- Security tools that organizations need to meet cyber insurance company expectations for organizations;
- How to decide when to pay or not pay the ransom.
Puri has over 17 years of experience in the IT industry. Prior to Reckitt Benckiser, he worked at Barclays Singapore and Hexaware Technologies.