Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

New data covering cyber insurance claims through 2023 shows claims have increased while reaffirming what we already know: phishing and social engineering are the real problem. If you’ve read enough of my articles here, you already know my view is a bit skewed towards the need for organizations to be aware of the true dangers of email-based cyber attacks.

When a data breach happens, criminals may instantly expose millions of personal, financial, and medical information. They can then use that compromised data to break into other systems, help commit consumer frauds schemes, or be sold to the highest bidder. If that compromised information also contains personally identifiable information (PII), those exposed may fall victim to identity theft.

Insurance scams are deceptive activities that allow criminals to manipulate insurance systems to obtain an illegitimate claim. They can come from many sources and appear during the process of underwriting, selling, using, or buying insurance, and can come from many sources. As we’re concerned, insurance scams are those that fraudsters commit against an insurance provider using the authentic details of a patient.

Yep, it’s that time of year again. The moment when that dreaded questionnaire from your Cyber Insurer lands on your desk like a ton of digital bricks. Suddenly, panic mode kicks in, and you’re transported back to those school days, facing an exam that seemed more daunting than Mount Everest. Remember how you used to play the skipping game with exam questions, hoping for a miracle to help you conjure up some brilliant answers? Yeah, it’s like déjà vu all over again.

In the face of increasingly frequent and severe cyber attacks, organizations with strong cybersecurity maturity are working hard to manage and mitigate their risk, while recognizing that these may no longer be enough.

A new report on the state of email security sheds some light on how organizations are viewing and approaching cyber insurance as they shift strategy toward being cyber resilient. The topic of cyber insurance has been covered quite a bit here on this blog. From when cyber insurance first began as a concept, to the challenges it poses for organizations looking as their last resort after an attack, to changes in insurance policy and law.

Arctic Wolf and SC Media surveyed an audience of more than 500 North American IT security professionals in the fall of 2023 and discovered that, among those who currently have cyber insurance policies, 47% of them have had coverage for 12 months or less. A significant increase among the insured reflects the kind of growth one might expect from an industry that has seen monumental change in just a few short years.

New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it. Because insurance underwriters analyse lots of risk data to make decisions about insurance premiums and policies, it makes sense to hear their perspective on 2024’s outlook will be. According to insurer Woodruff Sawyer’s Cyber Looking Ahead Guide 2024, there’s some good news and some bad news.