Funds transfer fraud and business email compromise were the predominant cause of cyber insurance claims made by insurer Coalition’s clients during 2023.
The insurer’s 2024 Cyber Claims Report also revealed an increased risk for organisations using boundary devices, such as firewalls and virtual private networks. While these tools can help to reduce cyber risk, using some boundary devices can at the same time increase the likelihood of a cyber claim if they have known vulnerabilities. For example, Coalition found businesses with internet-exposed Cisco ASA devices were nearly five times more likely to experience a claim in 2023, and businesses with internet-exposed Fortinet devices were twice as likely to experience a claim.
“Threat actors want to get paid, and the email inbox has proven to be an easy place for an attacker to uncover payment information and potentially intervene in payment processes to steal funds,” said Robert Jones, Coalition’s head of global claims. “In 2023, Coalition endeavoured to make recovering from a cyber incident as painless as possible for our policyholders: We successfully helped claw back more than US$38m in fraudulent transfers and handled 52% of all reported matters without out-of-pocket payments."
Key cyber insurance claims trends (Source: 2024 Cyber Claims Report, Coalition)
Other findings from Coalition’s report include:
• Overall claims frequency increased 13% year-on-year, and overall claims severity increased 10% YoY, resulting in an average loss of US$100,000. Claims frequency increased across all revenue bands, with businesses between US$25m and US$100m in revenue seeing the sharpest spike (a 32% YoY increase).
• As ransomware payments hit US$1bn globally, Coalition ransomware severity dropped by 54%. Ransomware severity, frequency and demands all dropped in 2H 2023, though not enough to offset the surge in the first half of the year.
• Ransomware frequency was up 15% YoY, and severity was up 28%, to an average loss of more than US$263,000.
• When policyholders found it reasonable and necessary to pay a ransom, Coalition helped policyholders negotiate demand amounts down by an average of 64%.
• FTF frequency increased by 15% YoY, and severity increased by 24%, to an average loss of more than US$278,000.
• BEC frequency increased by 5% YoY, and severity decreased by 15%.
• Policyholders using internet-exposed remote desktop protocol were 2.5 times more likely to experience a claim.
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.
YOU MIGHT ALSO LIKE