The past half-decade has been a particularly tumultuous one for cybersecurity. It has borne witness to some of the most damaging attacks in history, unprecedentedly high data breach rates, and a staggering number of emerging threat groups. However, a new report from cyber insurance provider Coalition suggests that things are beginning to stabilize.
The report, which features data from Coalition’s US and Canada customer base ranging from businesses with less than $25 million in revenue to more than $100 million, has revealed that while claim severity has risen, frequency has fallen in the first half of 2023. This suggests two key things: cybercriminals are choosier when picking their targets, and while organizations generally are practicing better cyber hygiene, those that don’t are paying the price. So, without further ado, let’s dive into the report’s key findings.
Claims Frequency: A Breakdown
Claims frequency fell for businesses in all revenue bands: 24% for those with less than $25m in revenue, 12% for those with between $25 and $100m, and 28% for those with more than $100m. This perhaps suggests that cybercriminals are becoming savvier with whom they attack; those with the lowest revenues are likely to yield the lowest rewards, and those with the highest revenues are likely to have sophisticated defences, leaving those with middling revenues as the most viable option.
It’s a similar story when we break down claims frequency by event type. Claims frequency fell across the board. However, the most notable is that ransomware claims fell significantly more than Funds Transfer Fraud (FTF), Business Email Compromise (BEC), or other attack methods, falling from 0.62% to 0.28% from 2022 to 2023. We can perhaps attribute this decline to the increased awareness of ransomware, meaning organizations have better protected themselves against it.
Claims Severity: A Breakdown
As we’ve covered, claims severity rose from 2022-2023, but let’s break that down a little bit. While claims severity overall increased, ransomware and FTF claims severity decreased. However, other event types and BEC claims severity increased more significantly, resulting in total claims severity increasing by over $500. Again, this suggests that organizations in 2023 are more prepared for ransomware than ever, likely because of all the high-profile headlines in the past two years.
Claims severity by revenue grew across the board. However, the increase was most significant for organizations with a revenue of between $25 and $100 million. Again, we can likely attribute this to cybercriminals thinking more about whom they attack.
Now that we have a better understanding of the landscape, let’s take a brief look at how to protect yourself from the top threats.
Protecting against Ransomware Attacks
To protect against ransomware, regularly update your operating system and software, employ robust, up-to-date antivirus and anti-malware tools, and enable a firewall. Educate yourself and your team about phishing scams, and avoid clicking on suspicious links or downloading attachments from unknown sources. Back up critical data regularly, store it offline and test the backups for restoration. Implement strong, unique passwords and consider using a password manager. Restrict user permissions to only what's necessary and apply the principle of least privilege. Lastly, consider deploying email filtering and intrusion detection systems and stay vigilant for emerging threats through threat intelligence sources.
Protecting Against BEC Attacks
To protect against BEC attacks, establish robust email security protocols, including DMARC, SPF, and DKIM authentication. Train employees to recognize phishing attempts, especially those targeting financial transactions or sensitive data. Implement strict verification procedures for requests involving money transfers or confidential information, including verifying identities through out-of-band communication. Employ email filtering and anti-spoofing solutions. Encourage a culture of skepticism regarding email requests for sensitive information or payments and establish clear reporting mechanisms for suspected BEC incidents. Regularly audit email access controls and monitor email traffic for unusual activity to detect and respond to BEC threats promptly.
Protecting Against FTF Attacks
To protect against Funds Transfer Fraud (FTF), train employees to recognize phishing attempts and verify financial requests through secondary channels. Implement email authentication (DMARC, SPF, DKIM) to prevent email spoofing. Enforce strict access controls for financial systems. Use multi-factor authentication (MFA) for all financial transactions. Regularly review and update financial policies and procedures. Conduct periodic security audits and risk assessments. Monitor financial transactions for unusual activity and employ anomaly detection systems. Stay informed about the latest FTF attack techniques and educate employees accordingly. Consider cyber insurance for financial protection in case of a breach.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire.