Security News
56% of all 2023 claims were a result of funds transfer fraud or business email compromise, highlighting the importance of email security as a critical aspect of cyber risk management, according to Coalition. The 2024 Cyber Claims Report is based on reported claims data from January 1 to December 31, 2023.
Insurance broker and risk advisor Marsh revealed that US cyber insurance premiums rose by an average of 11% in the first quarter of 2023, and Delinea reported that 67% of survey respondents said their cyber insurance costs increased between 50% and 100% in 2023. Reinforcing Active Directory security is one way to protect an organization's critical infrastructure and manage or even potentially reduce the costs of cyber insurance.
One possible solution, touted by former Department of Homeland Security Secretary Michael Chertoff on a recent podcast, would be for the federal government to step in and help pay for these sorts of attacks by providing a cyber insurance backstop. A cyber insurance backstop would provide a means for insurers to receive financial support from the federal government in the event that there was a catastrophic cyberattack that caused so much financial damage that the insurers could not afford to cover all of it.
In this Help Net Security video, Dara Gibson, Senior Cyber Insurance Manager at Optiv, discusses cyber insurance and what we should expect to see in 2024: Ransomware, BEC, and pixel privacy claims...
When American International Group launched the first cyber insurance policy in 1997, it stepped into completely unknown territory to gain market share. While in the UK adoption rates of cyber insurance vary significantly depending on the size of an organization, the US has seen a notable spike in demand across many markets for the past two years, with premiums increasing by 50% in 2022, in large part due to increasing ransomware attacks.
Cyber insurance is a type of insurance policy that provides financial protection and support to individuals and organizations in the event of cyber incidents, including data breaches, hacking, ransomware attacks, and other cyber threats. It typically covers expenses such as data recovery, legal fees, notification costs, public relations efforts, and regulatory fines, helping policyholders manage the financial impact and recovery process following a cyberattack or data breach.
Overall cyber insurance claims frequency increased by 12% in the first half of 2023, according to Coalition. Companies with over $100 million in revenue saw the largest increase in the number of claims as well as more substantial losses from attacks - with a 72% increase in claims severity from 2H 2022.
A significant gap is emerging between insurance providers, as organizations skip the fine print and seek affordable and comprehensive coverage, potentially putting them in a tough place when they need to use this safety net, according to a Delinea report. This year, companies that used their cyber insurance more than once increased to 47%, while 67% of respondents noted that their insurance rates increased 50-100% upon application or renewal.
Specops research shows that in an analysis of 800 million breached passwords, 83% of compromised passwords satisfy the password length and complexity requirements of regulatory password standards. Data from a LastPass survey shows 83% of businesses reported having to prove to their insurance provider that they have multi-factor authentication or password management in order to qualify for coverage or receive a lower premium rate.
One solution to help organizations protect themselves is cyber insurance, despite the rising costs of cyber insurance, where the average price in the U.S. rose 79% in the second quarter of 2022. While cyber insurance is not a one-size-fits-all solution and may not cover every possible scenario, it can help organizations mitigate the financial and reputational risks associated with cyber-attacks and data breaches.