What the NetD, Verizon, and Cyentia Reports tell us about the present and future state of cyber threats and cyber insurance

The past year has been overwhelming in many ways, but cyber threats in particular took off and became a primary concern for businesses of every size. The 2022 Verizon Data Breach Investigations Report (DBIR) summarizes four key paths into an organization, all of them pervasive and all of which should be a focus for organizations: credentials, phishing, exploiting vulnerabilities, and botnets.

Ransomware Biggest Concern

This year, ransomware continued to rise, up almost 13%, and Ransomware-as-a-Service has become increasingly popular. Blocking the four key paths above closes off the routes ransomware commonly uses to take over your systems. The incidents of the past year, such as SolarWinds, Log4j, and Kaseya, showed how a single supply chain compromise can lead to a wide range of consequences.

The Unit 42 Ransomware Threat Report 2022 (published by Palo Alto Networks' Unit 42) reports that the average ransom demand on cases Unit 42 handled last year was $2.2 million, and the average payment rose 78% to $541,010. According to the NetDiligence Cyber Claims Study, the average total cost of a ransomware incident is $267,000 for SMEs and $16.6 million for large companies. The average business interruption cost is $316,000 for SMEs and $50 million for large companies.

Human Risk is Cybersecurity Risk

Human error continues to drive data breaches, often through misconfigured cloud storage, stolen credentials, phishing, or other simple security mistakes. People play a large role in incidents and breaches, so don't discount the importance of employee awareness training or the risk your own employees pose to your organization.

Data Breaches are a concern, especially as they are now often part of a ransomware attack

The main causes of data breaches were the use of stolen credentials, ransomware, and phishing. Web applications and email are the top two vectors for breaches, followed by carelessness, meaning errors such as mis-delivery and misconfiguration, which are usually human. The next vector is desktop sharing software such as RDP and third-party tools that let users remotely access other devices. Keep in mind that if it is easy for you to log in remotely, it is probably not too difficult for an attacker either.

It’s Never Just One Thing

It is important to note that the system intrusion pattern often involves complex attacks that combine several actions, such as social engineering, malware, hacking, and ransomware, and may even originate from partners and vendors. With all of the third-party and supply chain breaches of the past year, we learned the importance of choosing partners and vendors wisely.

Top Causes of Loss for SMEs

According to the NetDiligence study, the top causes of loss at SMEs are ransomware, hackers, business email compromise, staff mistakes, and phishing. These categories accounted for 70% of claims and 80% of total incident cost. The most affected sectors are consistent with the past few years: professional services, manufacturing, healthcare, technology, retail, and financial services.

Cyber threats are becoming more sophisticated, and cyber insurance is now more important to your business than ever. Fortunately, if you are implementing the security controls needed to combat these threats, you are also putting yourself in a better position to obtain cyber insurance at better pricing and on better terms. Read the reports for yourself, keep your organization educated on the trends in cybersecurity and cyber insurance, and, very importantly, put security controls in place that address every key path and threat pattern.

How to protect your business in our ever-changing cybersecurity landscape

Our nation has faced some serious cybersecurity threats recently. A year ago, the Colonial Pipeline ransomware attack showed how serious these threats really are. Other incidents, such as the Kaseya hack and the Log4Shell vulnerability, showed businesses that they need to prioritize cybersecurity to stay on top of evolving threats.

Currently, we are expecting an influx of phishing attempts tied to Russia's war in Ukraine and bracing for other types of threats. Because of these events, the cyber insurance market is hardening: carriers are increasing their requirements, raising premiums, and tightening their war exclusion clauses. There are several things businesses can do to protect themselves and their clients and to keep themselves insurable.

In a phishing campaign, the attacker is after your personal or sensitive information, usually as a step toward taking control of your systems. Employee cybersecurity awareness training is crucial to combating these attacks. The lures often use fake social media profiles, pose as recruiters, or impersonate an administrative role at a trusted company, sending malicious emails that attempt to steal information and compromise your systems. In fact, many insurance carriers now require employee cybersecurity training, along with the following controls and more.

  • Patch Management
  • Email Filtering
  • Offsite Backups and Backup Testing
  • Multi-Factor Authentication (particularly for admin and remote access)
  • Endpoint Detection and Response (EDR)
  • Next-Generation Anti-Virus
  • Security Awareness Training

Fortunately, having these security controls in place will help you better protect yourself and your clients, while getting you better coverage at lower rates and keeping you prepared for the nation's next threats.

More phish in the digital seas this year

“We’re going to need a bigger boat.” There’s more phish in the digital seas this year.

Researchers from Kroll analyzed data from the security incidents they responded to during the first quarter of 2022. The analysis showed a 54% increase in phishing used for initial access compared to the first quarter of 2021.

The analysis also showed that ransomware attacks dropped 20% between Q4 2021 and Q1 2022, partly due to law enforcement disruption of malicious activity. However, data from this quarter suggests ransomware attacks may pick up again. Some ransomware groups have recently aligned themselves with Russia in its war against Ukraine, which may lead to significant new threats.

How can businesses ensure they don’t fall victim?

Email attacks from Russia are already surging. Especially now, be cautious of any suspicious email and double-check the sender. Many phishing emails are made to look as though they come from administrative staff or the CEO of your organization. If something doesn't seem right, reach out to that person directly through a channel you already trust, not by replying to the message. Educate employees on what to look for and how to avoid falling victim to these attacks through security awareness training and phishing simulations.
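As an added example (not code from the original post), here is a small Python checker that applies the "double-check the sender" advice mechanically to raw message headers: it flags an executive's display name on an address outside your domains, a Reply-To pointing at a different domain than the sender's, your own domain claimed in From without passing SPF and DKIM results, and urgency wording in the subject. The trusted-domain list, the executive names, and the two sample messages are constructed assumptions for the demonstration, not data from any of the reports.

```python
"""Flag likely executive-impersonation phishing from raw email headers.

Added example, not code from the original post. It assumes a list of
trusted mail domains and a list of executive names that a real deployment
would pull from its directory; both are hard-coded here as assumptions.
"""
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

TRUSTED_DOMAINS = {"example.com"}        # assumption: domains your organization sends from
EXECUTIVES = {"jane doe", "john smith"}  # assumption: names an attacker would spoof
URGENCY_WORDS = ("urgent", "wire", "gift card", "immediately")


def _domain(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def assess(raw: bytes) -> dict:
    """Check one raw RFC 5322 message and return the findings."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_name, from_addr = parseaddr(str(msg.get("From", "")))
    _, reply_addr = parseaddr(str(msg.get("Reply-To", "")))
    auth = str(msg.get("Authentication-Results", "")).lower()
    subject = str(msg.get("Subject", "")).lower()

    findings = []
    # A known executive's display name on an address outside our domains.
    if from_name.strip().lower() in EXECUTIVES and _domain(from_addr) not in TRUSTED_DOMAINS:
        findings.append("display-name impersonation")
    # Replies silently redirected to a different domain than the sender's.
    if reply_addr and _domain(reply_addr) != _domain(from_addr):
        findings.append("reply-to domain mismatch")
    # Our own domain claimed in From, but the receiving MTA did not record
    # passing SPF and DKIM results for it.
    if _domain(from_addr) in TRUSTED_DOMAINS and not (
        "spf=pass" in auth and "dkim=pass" in auth
    ):
        findings.append("own domain claimed without passing SPF/DKIM")
    # Urgency language typical of CEO-fraud lures (a weak signal on its own).
    if any(word in subject for word in URGENCY_WORDS):
        findings.append("urgency lure in subject")
    return {"from": from_addr, "findings": findings, "suspicious": bool(findings)}


# Constructed sample messages for the demonstration (not real mail).
PHISH = b"""\
From: Jane Doe <jane.doe@example-c0rp.net>
Reply-To: ceo.office@mail-relay.invalid
To: accounts@example.com
Subject: URGENT wire transfer before noon
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example-c0rp.net

Please process the attached invoice immediately.
"""

LEGIT = b"""\
From: Jane Doe <jane.doe@example.com>
To: accounts@example.com
Subject: Q3 budget review
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com

Agenda attached.
"""

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(label, assess(raw))
```

This is the kind of logic an email filtering layer runs before a message reaches a mailbox; the lookalike domain in the sample passes SPF for itself, which is why the display-name and Reply-To checks matter more than authentication alone. Note that the SPF/DKIM check only means something for the Authentication-Results header written by your own receiving mail server, so a real deployment must strip any such header that arrives from outside before trusting it.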