2020 has been a year of great change and constant adaptation to new circumstances.
Organizations and their employees shifted to remote working, which has opened the door for many cybercriminals to exploit new vulnerabilities in ways they have not before.
Coalition, a cyber insurance company, recently released a report detailing the categories of cyber attacks as well as the cause behind the attacks for the first half of 2020.
The number one type of cyber incident so far this year is ransomware. The company says that ransomware accounted for 41% of cyber claims. And the most popular attack vector was phishing. 54% of cyber attacks started with email.
Below you can see two charts describing these findings:
Along with these findings, the research shows three significant causes behind these attacks.
Attacker targeted certain industries more frequently. These industries include consumer businesses, healthcare, and financial services.
In a blog post outlining the report, authors listed four things that organizations must takeaway when reading the report.
1.Cyber losses are increasing in number and severity. "The broad adoption of technology by organizations across all sectors has created new opportunities for cybercriminals. This trend is only increasing with the changes many organizations have implemented to facilitate remote work during the COVID-19 pandemic, and cybercriminals are actively using this to their advantage. Although the number of cyber attacks hasn’t increased dramatically, their rate of success has."
2.Cyber insurance works. "For each and every claim we processed, cyber insurance went beyond the promise to pay, and to make the insured financially whole. It also played a critical role in helping the insured recover operationally."
3. Nothing and no one is 100% secure. "Claims were made by small businesses, large businesses, for-profits, and nonprofits — across every industry and despite investments in cybersecurity."
4.The root causes of security failures are largely known and predictable. "The implementation of basic cybersecurity controls could have avoided a majority of the claims and losses reported to us. No-cost and low-cost controls, such as multi-factor authentication (MFA) and routine out-of-band backups would have eliminated a majority of losses experienced."
Earlier this year, Spencer Fane cyber attorney Shawn Tuma presented on the SecureWorld Remote Sessions. He discussed why insurance is so crucial and the possible devastation from a cyber attack.
"And it really dawned on me one day that I cannot think of any other risk that businesses regularly face where the CEO can go to sleep tonight... with the company running well, doing fine production operations going and then wake up tomorrow morning to find they're completely out of business because of an event that happened overnight, such as a ransomware attack.
We see, by the way, on a regular basis, with these kind of ransomware attacks, but its the one risk that I know of right now, other than maybe nuclear war, where in one night, everything can change and can completely impact your operations."
Tuma went on to discuss the importance of cyber insurance, which could help your business when you need it most.
"You've got to have the ability to pay, you've got to have the ability to cover those costs. And insurance is oftentimes such a critical piece to that, that we are we're seeing a very strong correlation in the ability to respond and recover between those companies that do have cyber insurance and those that don't."
Tuma says it is also crucial to review your cyber insurance as part of your incident response planning.
This is because there is a wide variety in what plans cover and how they are covered, including restrictions on incident response vendors which may be used following an incident.