Filed Under:Markets, E&S/Specialty

WannaCry means gotta act: Lessons in ransomware’s wake

Technological infrastructure may be more fragile than previously thought.

Your insurance agency clients must focus on the growing risk of cyber business interruption. (Photo: iStock)
Your insurance agency clients must focus on the growing risk of cyber business interruption. (Photo: iStock)

For many organizations, the past month brought an unwanted welcome to the new world of cyber risk.

The “greeting” came from WannaCry, ransomware that disrupted the U.K.’s health services, halted a French carmaker’s production, interfered with a U.S. logistics company’s network, and shut down corporate offices in Asia, all in a matter of hours.

The attackers sought an almost laughably small ransom from victims — as little as $300 per infected computer — but the ultimate disruption to the global economy will be much greater.

Related: Move, countermove: The best way to fight ransomware

Endless risks, limited resources

One clear lesson as we look to prevent the next cyber pandemic is that technological infrastructure may be more fragile than previously thought. That means firms must focus on the growing risk of cyber business interruption.

Greater connectivity and complexity among IT networks increases the risk that disruptions will cascade. Such effects may be felt even when your firm escapes the attack but your suppliers and providers fall victim. In fact, unplanned IT and telecom outages are the leading cause of supply chain disruptions, and can lead to significant loss of revenue and extra expenses.

3 critical steps

Beyond addressing technical issues, businesses should consider these three lessons from the WannaCry attacks:

  1. Build resilience through cyber response exercises. WannaCry was a novel piece of malware whose speed and impact were hard to anticipate. Firms should build flexibility, speed, and adaptability into their event-response capabilities. Test, test, and re-test your cyber response plan across your organization, and identify specialized resources and expertise as you do so. Assess new event scenarios — like complex ransomware threats — so you can quickly adapt to fast-moving events.
  2. Update your risk modeling. Re-think the potential scenarios that could affect your operations, then work with business leaders to consider the potential operational and financial impacts. That can help you evaluate second- and third-order consequences — such as supply chain disruptions and associated financial costs — and determine which risks demand the most focus.
  3. Review and update your cyber insurance program. Networks will continue to become more connected and businesses more dependent on data-sharing. Every business that relies on technology — and most do — should take a fresh look at their cyber insurance program. You should update policies as needed to provide coverage for business interruption and cyber extortion, and re-evaluate program limits in the face of catastrophic scenarios.

Ransomware and other evolving threats will increase in frequency and sophistication. Firms need a comprehensive cyber risk management strategy — including economic risk modeling, optimized cybersecurity and cyber insurance programs, and resilient cyber response capabilities, to ensure a quick, effective response and a timely return to normal operations.

Thomas Reagan is the cyber practice leader within Marsh's Financial and Professional Products (FINPRO) Specialty Practice. This article first appeared on and is reprinted here with permission. Visit the Marsh Risk in Context blog for the original post.


Ransomware attacks leave businesses and insurers exposed

WannaCry has insurers evaluating damage and exposures. What lines of business will be responsible for coverage?

Featured Video

Most Recent Videos

Video Library ››

Top Story

Winners announced for NU’s Agency of the Year Award

The winners of NU’s 2017 Agency of the Year Award have been selected, and will be featured in profile stories in our October print edition and right here on

Top Story

Do you qualify for NU’s Excellence in Cyber Security Risk Management Award?

Gain your cybersecurity risk management program the recognition it deserves. Nominate your program for the NU Excellence in Cyber Security Risk Management Award today!

More Resources


eNewsletter Sign Up

Specialty Markets Insight eNewsletter

Receive updates and analyses on hard to place and challenging coverages. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.