Insurance companies still have a lot of trouble pricing and selling cyber insurance. Ransomware is a bit of a outlier here, being the most popular category of cyber insurance and all, but it seems to still be difficult for insurers to price their premiums.
It's mostly because there aren't a lot of good measurements for assessing how likely a company is to get hacked / hit by RW (I'm not a believer in infosec through Q&A / self-assessment).
These are of course growing pains and especially for SMB some form of insurance + cybersecurity tooling basics will be the dominating approach to managing cyber risk.
It's mostly because there aren't a lot of good measurements for assessing how likely a company is to get hacked / hit by RW (I'm not a believer in infosec through Q&A / self-assessment).
These are of course growing pains and especially for SMB some form of insurance + cybersecurity tooling basics will be the dominating approach to managing cyber risk.