There are two immediate lessons to draw from this: 1. Review your backup and archive process, especially how you would restore systems in the case of data loss; 2. Review your cyber risk cover, will it keep your business viable?…:
The double-whammy of getting hit with a ransomware attack last New Year’s Eve that sidelined its global operations for two-and-a-half weeks coupled with COVID-19’s toll on air travel, put currency exchange provider Travelex into administration, the U.K. equivalent of bankruptcy, late last week, serving, if internal assessments are correct, as an example of the economic impact of ransomware and other cyberattacks.
Paying the ransom does not prevent an organization from incurring other expenses and losses, noted Caroline Thompson, head of underwriting at Cowbell Cyber, adding that attacks such as what happened to Travelex will generate damages that will go far beyond the ransom payment itself. “Business interruption can cause revenue loss, reputational harm, even compromised data, which a cyber insurance policy can cover,” said Thompson, who believes an organization’s best preparation for a ransomware attack is to always have a readily available backup.
Travelex’s financial woes come as no surprise, considering its Abu Dhabi-based parent company, Finablr, said March 2 – just two months after the attack – that it expected to take a £25 million earnings hit as a result, even though the company had a cyber insurance policy.