fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

School District Reports a 334% Hike in Cybersecurity Insurance Costs

School District Reports a 334% Hike in Cybersecurity Insurance Costs

Bloomington School District 87 in Illinois has published its cyber-insurance renewal details, and the cost has jumped from $6,661 in 2021 to $22,229 this year.

This dramatic 334% rise in premiums is attributed to the sudden spike in the number of threats, their severity, and the potential for costly disruptions.

“In light of events that have negatively impacted the Cyber Insurance market, SSCIP was unable to initially find the required coverage for the group,” mentions the memo.

Also Read: 4 Things to Know When Installing CCTVs Legally

“After a small delay, the Cooperative was ultimately able to secure an insurer willing to accept the risks of the pool.”

Comparison of yearly cyber-insurance costs for District 87
Yearly cyber-insurance costs for District 87
Source: go.boarddocs.com

Suburban School Cooperative Insurance Program (SSCIP) is an insurance pool allowing school districts to join together to negotiate better insurance rates and lower management fees.

The most significant problem which leads to this sudden cost increase is ransomware and the lengthy disruption that encrypting attacks and the theft of data can have to compromised school networks, employees, and students.

Ransomware actors, particularly the less skilled affiliates, target smaller school districts because they are seldom well-protected against attacks and usually can’t afford a large dedicated IT and security team.

However, as schools usually have an active insurance policy, they are attractive targets to threat actors who are hoping for a quick payment from insurance companies.

Emsisoft has published a report to sum up 2021 ransomware attacks against the U.S. public sector, where they count 77 government, 1,043 schools, and 1,203 healthcare victims.

MFA now required

As the District 87 memo mentioned, the insurer has also required that the district fully implement multi-factor authentication protection on all its accounts.

The school estimates that they can conclude this change by March 30, 2022. However, until that happens, the coverage limits will remain decreased, well below the consented amount.

This reflects the importance that insurers and security experts ascribe to using MFA to protect network logins.

MFA is a method of validating the user’s identity through a combination of things beyond just passwords. For example, they can come in the form of one-time passwords, key cards, or biometrics.

Also Read: 5 Most Frequently Asked Questions About Ransomware

Ransomware actors typically deploy their encrypting tools by using compromised user credentials to access the target systems. As such, having MFA in place is often enough to stop the attack before attacks can start.

Also, backup service logins should be protected using MFA, making it so ransomware actors cant access and delete backups. With reliable backups in hand, it significantly weakens a ransomware gang’s negotiating position and speeds up recovery.

A large-scale issue

District 87 is just one of the many American public educational institutes that will face this substantial added burden on its annual budget, and this doesn’t apply only to schools.

Hospitals, non-profit organizations, and local governments will all have to cover substantially greater cyber-insurance costs in 2022 due to an increase in cyberattacks in 2021.

The healthcare sector was also bombarded by ransomware actors in 2021, mainly for the same reasons that make school districts ideal targets for cybercriminals.

Universities are also on the ransomware actors’ crosshairs, and they too have to strike a delicate balance between budget allocation and cyber-protection since they have limited resources.

Lori Sussman, Assistant Professor of Cybersecurity at the University of Southern Maine, has told Bleeping Computer that the increase in cyber insurance premiums will continue to outstrip other insurance instruments until organizations can stem the rising attacks.

These crooks also attack targets that they perceive as “soft” which include small municipalities, schools, universities, and other organizations that may not have big budgets for IT staff let alone cybersecurity experts.

No doubt that is why cyber insurance premiums grew more than a quarter (25.5%) in 2021 (According to the Council of Insurance Agents & Brokers,) which is well above other insurance instruments.

The University of Maine system CIO has prioritized security for the state higher education system. However, there will need to be more awareness training of all stakeholders – students, faculty, staff – to defeat these predators.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us