Coalition reveals uptick in cyber insurance claims driven by ransomware in 2023 – Business
A new report released today by cybersecurity insurance startup Coalition Inc. details a rise in cyber insurance claims in 2023, primarily driven by ransomware claims.
In 2023, Coalition saw a 13% year-over-year increase in claims, but that was below an historic high in 2021. Overall claims severity increased 10% year-over-year to an average loss amount of $100,000, driven by ransomware claims in the first half of the year. Notably, though, 52% of all reported matters were handled without any out-of-pocket payments by policyholders.
More than half of all claims lodged with Coalition last year related to business email compromise or funds transfer fraud, with one common factor: They were attacks that came through email. The report notes that more than half of claims were related to email attacks, highlighting the importance of email security as a key aspect of cyber risk management.
In a surprising finding, particularly given that the total number of ransomware attacks increased, the severity of ransomware attacks dropped 54% last year. The decline was mostly seen in the second half of 2023, following a surge in the first half of the year.
Businesses using select boundary devices were also found to be at a greater risk than others. Though firewalls, virtual private networks and other devices can help reduce cyber risk, Coalition found that the businesses that use them are more likely to experience a cyberattack and make a claim.
Coalition was also successful last year in “clawing back” stolen funds, recovering more than $38 million in fraudulent transfers during 2023. The ability to get money back is noted as demonstrating the potential to mitigate losses from funds transfer fraud through timely intervention and good cybersecurity practices.
The report recommends that companies prioritize cybersecurity measures and engage actively with cyber insurance providers to tackle cyberthreats. Coalition suggests companies also focus on enhancing email security, given the high frequency of BEC and FTF, by training employees on recognizing phishing attempts and by implementing advanced email filtering technologies.
“Good cyber hygiene and strong security controls remain the strongest tools to protect against these familiar cyber attacks,” the report concludes. “We continue to see a direct correlation between the technologies businesses use and the risks associated with cyber insurance claims. Security controls and services, like multi-factor authentication and managed detection and response, can help businesses stay one step ahead of threat actors.”