Into the middle of 2022, the Cyber Insurance market continues to see increases in pricing and tighter underwriting driven by cyber attacks and claims. Cybercriminals are finding new ways to exploit security weaknesses, while cybersecurity experts and Cyber Insurance underwriters evolve to meet today’s security challenges.
Sophisticated phishing attacks on the rise
Recent research found a 54% increase in phishing attacks during the first three months of 2022 compared to the same time frame last year. Because humans are the primary vulnerability, bad actors often use phishing attacks as the initial attack vector and then deploy malware or ransomware on the victim’s network.
The rise in remote work has made it easier for criminals to gain access via phishing attacks and other means. Employees used to have the option to share information casually with colleagues in the same office, such as verifying suspicious email requests, but virtual work has made that difficult. Companies are having to adjust their ongoing cybersecurity training to tackle the current environment.
A resurgence of previous tactics
There has also been a recent spate of voicemail phishing attacks, mainly targeting manufacturing, healthcare, and security providers. Essentially, a person receives an email that appears to have a voicemail attached via HTML. When the person clicks on the “voicemail,” they are taken to a credential phishing site where the cybercriminal will attempt to access the person’s Microsoft login and password.
Threat actors can use stolen credentials for additional attacks, such as ransomware attacks.. Many of these attacks target critical enterprises like healthcare and supply chain/manufacturing. In industries that can’t stop or slow down, they are out of business – attacks of this nature can be particularly devastating and extremely costly.
Ransomware attacks are skyrocketing
It’s not just big businesses under attack anymore – ransomware is affecting small companies in a major way. A single cyber incident can be incredibly costly and could potentially put a small business out of business – permanently. But with the right Cyber Insurance can provide essential financial protection and access to post-loss experts. According to a recent report by Verizon, ransomware attacks increased by 13% in one year, which is a larger increase than the previous five years combined.
Companies and individuals can easily fall victim to ransomware through email, text messages, or other evolving tactics. As with other cyber attacks, common ransomware targets include healthcare, governmental entities, supply chain, and financial services.
The Impact on Cyber Insurance
The increase in cyberattacks has led to an increase in interest in Cyber Insurance. With cyber incidents rising, insurance companies are revising their underwriting appetites and policies to ensure that businesses are adequately prepared for an attack.
The increasing number of cyber incidents means companies should expect to pay more for cyber insurance. Data from Insurance Journal found that cyber insurance premiums rose an average of 27.5% in 2022, and underwriters are implementing stricter cybersecurity requirements. Although insurance costs are rising, some experts estimate that the average cost of a data breach could be as much as $4.24 million. A comprehensive Cyber Insurance policy is a strong defense against cyber threats and data breaches.
If you have questions or concerns about the cost of cyber insurance, talk with an insurance expert to find out more. While costs are increasing, an expert can help you find cost management strategies and coverage options to support your business.
Proactive Cyber Security Steps
While the increase in both attacks and insurance premiums might not be the news that companies want to hear, many steps exist to mitigate the risk of cyber attacks and reduce Cyber Insurance premiums. Here are just a few of the ways you can better protect yourself and your business:
- Create and continually update a formal internal data and IT security policy
- Require multi-factor authentication and robust password requirements
- Exercise extreme caution with links and requests sent via email, text, etc.
- Ensure your vendors and partners are using cybersecurity best practices since many attacks are often sent through third-party contacts
Nearly every business operating today leverages technology and could benefit from Cyber Insurance.
You can get more information about cyber insurance here, or contact the eSpecialty Insurance team for a conversation about your specific needs and options.