November Commercial Risk Advisory

Ransomware Trends

Ransomware has impacted 37% of organizations in the past year, according to Sophos’ annual ransomware survey, The State of Ransomware 2021. As ransomware continues to be one of today’s top business threats, organizations must be proactive in minimizing the risk of falling victim and reducing damage in the event of an attack.

As ransomware attacks become more common, organizations should stay up to date on the following trends:

  • Email is the most common ransomware delivery method. Phishing emails containing malicious attachments or links lure victims into opening them.
  • Data exfiltration is surging. Coveware analysis shows that data exfiltration occurs in 70% of ransomware attacks.
  • Demands are rising. The average ransom payment increased by 518% in the first half of 2021 compared to 2020, according to research from security consulting group Unit 42.

To avoid becoming the victim of a ransomware attack, organizations should:

  • Conduct employee training on cyber safety. According to Cybint, 95% of cybersecurity breaches are caused by human error, making it imperative for organizations to train employees to look for phishing emails or fraudulent links.
  • Back up data frequently and offline. Ransomware can infect and encrypt any system it accesses. Maintaining an offline backup can mitigate the risk of data becoming compromised. Organizations should also increase the frequency of backups since all data not backed up can be lost during a ransomware attack.
  • Maintain up-to-date operating systems and software. Ensure applications and operating systems are patched with the latest updates to reduce the number of entry points available to an attacker.

If a ransomware attack does occur, organizations should have a response plan in place. For more cybersecurity guidance, contact us today.

Flood Insurance Rates Increase

The new Risk Rating 2.0 system from the U.S. Federal Emergency Management Agency (FEMA) will raise rates for 77% of policyholders, according to a new study from QuoteWizard. This updated pricing methodology aims to equitably distribute premiums across all policyholders based on property value and flood risk. Phase I went into effect on Oct. 1, 2021, for new and existing policies eligible for renewal, and Phase II will begin for all remaining policyholders renewing on or after April 1, 2022.

FEMA sells almost all of the nation’s flood insurance coverage through its National Flood Insurance Program and requires businesses that own property in high-risk flood areas to have flood insurance if they also have a federally backed mortgage.

Risk Rating 2.0 will no longer use flood zones to calculate flood insurance rates and will instead use the property’s risk—foundation type, elevation, structure replacement costs, etc.—to determine the price. To minimize flood damage and help reduce flood insurance costs, businesses should:

  • Elevate utilities. In the event of a flood, having electrical panels, water heaters and heating and cooling systems above the floor will help protect them from being damaged.
  • Install flood openings. Flood openings protect commercial buildings by equalizing water pressure and preventing buildup that can destroy walls and foundations.
  • Use flood-resistant materials. Flood-resistant floor coverings, wall coverings and wall insulation can typically withstand 72 hours of direct contact with water before any significant damage occurs.

The new risk rating could result in more flood insurance policies being issued to help protect people and their businesses against flood devastation. For more risk management information, contact us today.