2020 has been a year of great change and constant adaptation to new circumstances.
Organizations and their employees shifted to remote working, which has opened the door for many cybercriminals to exploit new vulnerabilities in ways they have not before.
Trends of cyber insurance claims for 2020
Coalition, a cyber insurance company, recently released a report detailing the categories of cyber attacks as well as the cause behind the attacks for the first half of 2020.
The number one type of cyber incident so far this year is ransomware. The company says that ransomware accounted for 41% of cyber claims. And the most popular attack vector was phishing. 54% of cyber attacks started with email.
Below you can see two charts describing these findings:
Remote work increases cyber threats
Along with these findings, the research shows three significant causes behind these attacks.
- "Due to the transition of remote work, exploitation of remote access was the root cause of reported ransomware incidents."
- "Email intrusion, invoice manipulation, and domain spoofing were the most common attack techniques for funds transfer fraud incidents."
- "Organizations that use Microsoft Outlook for email were more than three times as likely to experience a business email compromise compared to organizations that use Google."
Attacker targeted certain industries more frequently. These industries include consumer businesses, healthcare, and financial services.
4 key takeaways from cyber insurance industry report
In a blog post outlining the report, authors listed four things that organizations must takeaway when reading the report.
1.Cyber losses are increasing in number and severity. "The broad adoption of technology by organizations across all sectors has created new opportunities for cybercriminals. This trend is only increasing with the changes many organizations have implemented to facilitate remote work during the COVID-19 pandemic, and cybercriminals are actively using this to their advantage. Although the number of cyber attacks hasn’t increased dramatically, their rate of success has."
2.Cyber insurance works. "For each and every claim we processed, cyber insurance went beyond the promise to pay, and to make the insured financially whole. It also played a critical role in helping the insured recover operationally."
3. Nothing and no one is 100% secure. "Claims were made by small businesses, large businesses, for-profits, and nonprofits — across every industry and despite investments in cybersecurity."
4.The root causes of security failures are largely known and predictable. "The implementation of basic cybersecurity controls could have avoided a majority of the claims and losses reported to us. No-cost and low-cost controls, such as multi-factor authentication (MFA) and routine out-of-band backups would have eliminated a majority of losses experienced."
Impact of a cyber attack and the need for insurance
Earlier this year, Spencer Fane cyber attorney Shawn Tuma presented on the SecureWorld Remote Sessions. He discussed why insurance is so crucial and the possible devastation from a cyber attack.
"And it really dawned on me one day that I cannot think of any other risk that businesses regularly face where the CEO can go to sleep tonight... with the company running well, doing fine production operations going and then wake up tomorrow morning to find they're completely out of business because of an event that happened overnight, such as a ransomware attack.
We see, by the way, on a regular basis, with these kind of ransomware attacks, but its the one risk that I know of right now, other than maybe nuclear war, where in one night, everything can change and can completely impact your operations."
Tuma went on to discuss the importance of cyber insurance, which could help your business when you need it most.
"You've got to have the ability to pay, you've got to have the ability to cover those costs. And insurance is oftentimes such a critical piece to that, that we are we're seeing a very strong correlation in the ability to respond and recover between those companies that do have cyber insurance and those that don't."
Tuma says it is also crucial to review your cyber insurance as part of your incident response planning.
This is because there is a wide variety in what plans cover and how they are covered, including restrictions on incident response vendors which may be used following an incident.