Association of Progressive Rental Organizations | America’s Champion for Rent-to-Own

RTO a Target for Cyberthreats and Ransomware

Some industries have more difficulty tightening cyber-loss controls than others. For that reason, cybercriminals are targeting “nontraditional” industries with historically weak controls. Ransomware attacks often focus on companies that will be immediately impacted by the disruption. Rent-to-own companies can be targeted because of their limited awareness of cyber risks and their lack of cybersecurity. Let’s change that.

Cyberthreats are increasing for all organizations, but many owners and operators don’t realize they must implement prevention and mitigation tactics tailored for their needs. In other words, one size does not fit all. An incident response plan for a one-store company, for example, might be fundamentally different than for a 15+-store chain.

In the first quarter of 2020, ransomware attacks increased by 148% month-over-month, and the upward trend is continuing,1 including steady increases in cyberattacks and ransoms demanded by hackers. In 2021, malicious emails were up by 600%, and the largest ransomware payout was a world-record $40 million, made by an insurance company.2

As a result, insurance underwriters are taking a more thorough and technical look at an organization’s cyber exposures and loss controls.3 Organizations with poor cyber controls will likely experience higher premiums and reduced insurance capacity, or higher self-insured risk, assuming insurance carriers are willing to take on the risk. Those with average risk profiles may face higher premiums, as well as retention and policy exclusions. Some RTO businesses will have no choice but to tighten their cyber-loss controls and improve their risk profiles before insurance companies will consider taking them on as clients.

How cybercriminals infiltrate their victims can vary from one industry to the next. Therefore, it’s critically important to develop cyber risk-management strategies and post-event solutions that are appropriate for your company’s infrastructure and needs. Standard or “off-the-shelf” cyber policies have several inherent coverage gaps, which can mean uninsured losses for many organizations. These weaknesses can become especially pronounced in our current hard cyber insurance market.

RTO companies can mitigate the effects of the hardened cyber market:

  • Explore strategic resources and risk-management tools – like the E-risk Hub and Answerlytics™ proprietary cyber solution offered by APRO associate member USI Insurance Services LLC;
  • Engage in a cyber risk-management process, which focuses the conversation on your reality and not other general data; and
  • Ask your cybersecurity insurance provider questions about limits, claims impact, and cyber underwriting results through customized benchmarking tools for your organization.

To learn more about RTO industry-specific cyber solutions designed to protect your business from ransomware and other cyberattacks, contact Macenzi Holmes-Morton at or call (404) 441-9769.

1 VMware Carbon Black
2 Business Insider, 2021
3 USI’s 2020-2021 Commercial Property & Casualty Market Outlook
4, 2021
5 Palo Alto Networks
6 The Wall Street Journal

This article is sponsored content and was written with the support of USI Insurance Services LLC. To have your company featured in an article, please email us at

Upcoming Events