Why Ransomware Is a Game Changer for Cyber InsuranceDoug Howard, CEO of Pondurance, on Stricter Requirements, Higher Premiums
Ransomware attacks have become the game changer in driving up security requirements, policy premiums and rejection rates for healthcare sector entities seeking new cyber insurance policies or renewals, says Doug Howard, CEO of privacy and security consultancy Pondurance.
Many healthcare sector organizations seeking cyber insurance coverage are required to complete ransomware supplements, "which are more questions that the carriers are asking specifically oriented around ransomware, the risk of you being compromised by ransomware and having to make a payout," he says in an interview with Information Security Media Group.
The good news is that most cyber insurers have not yet started excluding ransomware coverage for what the carriers deem as eligible candidates, he says.
"Rather, they're filtering that out with lower acceptance rates of renewals and new policies."
In the interview (see audio link below photo), Howard also discusses:
- Other changes involving cyber insurance for the healthcare sector, as well as for professional services entities;
- Steps entities can take to reduce their security risk and improve their cyber insurance coverage;
- Additional considerations for healthcare entities seeking cyber insurance policies.
Howard is CEO of privacy and security consultancy Pondurance. He has over 30 years of experience in technology leadership and security innovation roles. He was previously vice president of global services and IT innovation at RSA.