Reading Time: 4 minutes

An unwitting employee clicked on an email, enabling an attacker to penetrate the company network and steal credentials. The company ultimately received a $350,000 bill for cleanup—only some of which was covered by their cybersecurity insurance policy. Watch this webinar to find out what they found—and how they recovered from the attack.

How can you protect your organization from ransomware and other attacks…and does cyber security insurance help?

Get the facts: More budget, more headcount…more incidents?
According to a recent survey by Sophos, 66% of organizations were hit by ransomware in 2021, up from 37% the previous year—a whopping 78% increase! Clearly, the ransomware-as-a-service model has emboldened malicious actors, enabling them to launch significant attacks at scale.

Here are some eye-opening facts from the same survey of 5,600 IT professionals:

  • 66% of their organizations experienced a ransomware attack in 2021.
  • Of those, 90% had impacts on their ability to operate and 86% lost business/revenue.
  • The average ransom payment was $812,360—a 4.8X increase over 2020’s average of $170,400.
  • 46% of organizations ultimately paid their ransoms.
  • Of those, just 4% got all of their encrypted data back.
  • The average cost to remediate an attack—including ransom payments, downtime, people time, device cost, network cost, and lost opportunity—was $1.4 million.

Finally, 88% of organizations indicated that they had sufficient or more than enough of both cybersecurity budget and headcount, but are these organizations getting their full value from these resources?  It appears not, prompting Sophos to conclude that “many organizations are struggling to deploy their resources effectively in the face of the accelerating volume and complexity of attacks.”

“…simply throwing people and money at the problem is not the solution; rather you need to invest in the right technology and have the skills and know-how to use it effectively. Without this, your return on investment is low.”

The State of Ransomware 2022,


The advantages and disadvantages of cyber insurance
Cybersecurity insurance, sometimes called cybersecurity liability, typically offsets the costs that organizations face following ransomware or other attacks—an example of risk transfer when viewed through the risk management lens. These costs can include everything from ransom payments themselves to extended remediation and recovery costs, loss of income due to business disruption, recovery of losses due to cyber extortion, court and attorney fees, and compliance fines. Organizations can usually choose from multiple policy options but are also able to secure additional coverage through add-ons.

But there are downsides, too. With the exclusions and exceptions found in most policies, coverage can be inadequate for increasingly sophisticated—and costly—attacks. As a result, premiums continue to soar, while coverage shrinks—which can be a hard sell for business leaders.

While there are no standards as yet, here are some of the more common technology requirements that we’re seeing from insurers:

  • Email security with advanced phishing and malware protection
  • Multifactor authentication (MFA)
  • Remote desktop lockdown protocols
  • Data backup and recovery
  • Endpoint security
  • Next-generation firewalls
  • Internal security controls
  • Vendor management

Does your security environment meet insurers’ growing list of requirements? The fact is that they won’t insure a tinderbox against fire unless it’s worth their while.

94% of those with cyber insurance said the process for securing coverage has changed since 2021:[1]

  • 54% – The level of cybersecurity needed to qualify is now higher
  • 47% – Policies are now more complex
  • 40% – Fewer companies offer cyber insurance
  • 37% – The process takes longer
  • 34% – It’s more expensive


5 tips for securing cybersecurity insurance coverage
Even with cybersecurity insurance, it’s important to stay on top of the latest threats and optimize your security posture. Consider these five tips:

  1. Ensure high-quality defenses at all points in your environment and continually review and refine your security controls.
  2. Practice proactive threat hunting so you can stop malicious actors before they can execute an attack.
  3. Harden your environment by identifying and remediating security gaps, including unpatched devices, unprotected machines, open RDP ports, etc.
  4. Prepare for a security incident by knowing what to do and who to call.
  5. Create backups and practice restoring from them so you can emerge from an attack with minimal disruption.

Finally, if your organization is challenged by a lack of cybersecurity skills or resource gaps, consider outsourcing to a managed services provider. Many MSPs have their own 24/7 security operations centers (SOCs) staffed by security experts.  


Logicalis: Your global cybersecurity expert  
As one of just 5 Cisco Global Gold partners, Logicalis offers significant security expertise and a full complement of professional and managed security services for the complete Cisco Secure portfolio, including network security, cloud and application security, and user and device security. With Cisco Secure, Logicalis can proactively help your organization meet or exceed the underwriting requirements of most insurance providers.

A center of excellence, Logicalis’s 24/7 global SOC is backed by more than 15 years of experience. Our cyber response team provides real-time support leveraging user and entity behavior analytics (UEBA) to aid in triage and threat hunting.

Trust Logicalis to help you harden your security defenses, both to protect your data and to help you obtain or renew coverage, reduce your risk, and potentially save on premiums.

Watch our Cyber Liability Insurance webinar to learn more about the risk of attack, how cyber insurance is changing and how we can help you tighten things up.


Brad Wright and Cory Kramer are Principal Architects/Cybersecurity at Logicalis, responsible for creating the overall technical vision to solve customers’ security challenges.


[1] “The State of Ransomware 2022,”, 2022.