Cyber Claims Down But Still Remain Top Concern

October 3, 2022 by

Cyber threats were the top concern for business decision-makers for the third time in four years, according to a recent survey. But overall claims have trended down, at least for the cyber insurer and cybersecurity firm, Coalition.

According to the 2022 Travelers Risk Index, cyber threats were chosen as a top concern by 59% of respondents, followed by broad economic uncertainty (57%), fluctuations in oil and energy costs (56%), the ability to attract and retain talent (56%), and medical cost inflation (55%).

Travelers said that big jumps were seen this year relating to concerns in oil and energy costs (a 16-point increase, up from 40%) and supply chain risks (54%, up from 43%).

The Travelers survey indicates many companies seem to have a false sense of security when it comes to cyber preparedness. The vast majority (93%) of respondents were confident their company had implemented best practices to prevent or mitigate a cyber event; however, 64% admitted they don’t use endpoint detection and response, 59% haven’t conducted a cyber assessment for vendors, and 53% don’t have an incident response plan. While 90% of survey respondents were familiar with multifactor authentication (MFA), only 52% said their company had implemented the practice for remote access.

At least for Coalition policyholders, cyber liability claims trended down in the first half of 2022. However, Coalition’s 2022 Cyber Claims Report mid-year update noted that businesses with revenue under $25 million saw a spike in average claims severity to $163,000 in the second half of 2021 — 85% higher compared with the first half of 2021. Through the first six months of 2022, severity decreased to an average $139,000 but that is still 58% more than values recorded in the first half last year, the cyber insurer and cybersecurity firm said.

“Organizations of this size are especially vulnerable to threat actors as they often lack resources to quickly respond to an attack,” Coalition said.

Phishing remains of high concern for business of all sizes because employees continue to be the weak link in cyber defenses. Coalition’s look at about 160,000 of the businesses it protects found that phishing accounted for a majority – about 58% — of claims during the first half 2022. That is a 32% increase from the second half of 2021.

Phishing through business email compromise often leads to funds transfer fraud (FTF), in which threat actors redirect or change payment information to steal. Coalition said the frequency of these incidents remained consistent but severity increased 3% to continue a 3-year trend of rising FTF claims costs.

The good news, according to Coalition, is that the frequency and severity of ransomware claims declined during the first six months of the year. Hackers’ ransom demands also decreased to $896,000 from $1.37 million for the second half of 2021.

Overall, Coalition said its policyholders experienced 50% fewer claims than the broader insurance market. The average loss was $175,258, a decrease of 8% compared with the second half 2021.