Insurers will need to foot the bill for many costs such as incident response and forensic services.
The SolarWinds hack is expected to cost cyber insurance companies about $90 million total for covering forensic services and incident response services for compromised clients.
That said, many experts are saying that this expense could have been significantly higher.
“Although the SolarWinds attack is a cyber catastrophe from a national security perspective, insurers may have narrowly avoided a catastrophic financial incident to their businesses,” said BitSight director of insurance programs and partnerships, Samit Shah. BitSight is a cyber risk vendor based in Boston, Massachusetts.
The situation could have been more costly if the Russian cyber criminals behind the SolarWinds hack had proceeded differently. Those hackers avoided the large-scale exploitation of the affected organizations. Instead, they chose to collect sensitive data through ongoing access, revealed a recently published joint analysis between BitSight and Kovrr cyber risk modeling. Had those criminals instead focused on network destruction and business interruption, the final insured tally could have been catastrophic.
US government departments comprised many of the organizations affected by the SolarWinds hack.
Traditionally, federal agencies don’t purchase insurance for many risks such as cyber coverage, said Shah in a recent CRN report. As a result, even if the number of identified victims rise over coming months – as it is expected to do – neither BitSight nor Kovrr expect that there will be a significant change to the direct insured costs.
“While the SolarWinds breach is proving to be a devastating cyber attack from a national security perspective, the attack did not evolve into a cyber catastrophe for the insurance market,” said Shah.
A cyber catastrophe is defined by both BitSight and Kovrr as an event that results in $200 million or higher economic losses. These events will typically begin with a technology or service provider disruption. From there, they expand through a replication of this disruption wherever it can occur, explained Shah.
To estimate the SolarWinds hack’s insured costs, BitSight and Kovrr examined the attack’s impact, the victim organization profiles, and the steps required to mitigate and remediate the damage.