Global Insurance Underwriter AXA Group Drops Reimbursement for Ransomware Payouts, Reinforces the Need for Businesses to Bolster Their Cyber Defenses
The AXA Group is a Paris-based global insurance underwriter and asset management company doing business in 54 countries, including the U.S. Earlier this month, the insurance giant announced that it will no longer write cyber insurance policies in France that provide reimbursements to customers for ransomware extortion payments. It appears AXA is the first insurer to take this step. It suggests that other countries and cyber insurance providers may follow suit.
A recent action plan delivered to the White House by a public-private task force stated that payouts to ransomware criminals lead to more cybercrime. However, it also noted that paying cybercriminals may be the only way for certain businesses to avoid bankruptcy.
AXA Attacked by Cyber Criminals
Ironically, one week after AXA announced the dropping of reimbursements of ransomware payouts in France, it was reported that the company’s operations in Thailand, Malaysia, Hong Kong, and the Philippines were hit by a ransomware attack. The attack included compromising of customers’ personally identifiable information – such as passports, IDs, and medical records.
Businesses Must Improve Cyber Protections
We believe the AXA move to reduce cyber insurance coverage reinforces the need for businesses to bolster their cyber defenses. This is based on an increased risk environment and potential inability, especially for SMBs, to purchase adequate cyber insurance at an affordable price. Additionally, many insurers are requiring specific controls to be in place to mitigate the risks of cybercrime.
Typical IT protections being required by underwriters include anti-virus protection, system monitoring and management, security patch management, and implementation of secure network infrastructures. With cyberattacks proliferating at an increasing rate each year, business owners must take control of their computer and network security, while considering complementing those preventive measures with cyber insurance to cover things such as breach costs, business interruption, and data recovery.
Get a security assessment and a free consultation on managed security services for small or medium-size business
Not sure how to protect your IT environment from cybercriminals?
Please click our link to request a FREE Consultation related to implementing a secure IT environment: