Ransomware Attack Demands Cause Cyber Insurance Claim Amounts to Skyrocket

Stu Sjouwerman | May 14, 2021

Ransomware Attack Demands Cause Cyber Insurance ClaimThe perfect storm of large enterprises, cyber insurance policies, successful ransomware attacks, and ransom demands in the tens of millions now consistently result in seven-figure claim amounts.

Insurers of cyber policies are a great indicator around whether the security posture of most organizations is sound or not. And from the look of things, some of you could use some help. Tamara Ashjian, Director of Claims at Tokio Marine HCC – Cyber & Professional Lines Group recently spoke with Insurance Business about the current state of cyber insurance claims.

The trend seems simple enough; a few years ago, according to Ashjian, there were very few claims and most were in the $10,000 range. In 2019, claims climbed to just above the $500,000 range, and in 2020 claim payouts jumped significantly between $3 million and $5 million.

The expectation is that this amount will only go up, putting additional pressure on insurers to make sure their insureds have proper security in place.

According to Ashjian, “the number one way that hackers gain access to insureds’ systems is via employee error or negligence,” detailing that “threat actors typically gain access to a network through a phishing scheme, where the employee receives a spoof email or call and is tricked into providing their credentials.”

Employees and phishing don’t mix well, as phishing is the number one threat action used in data breaches and remains tied with remote desktop as the number one initial attack vector for ransomware attacks. Employees undergoing Security Awareness Training understand how to quickly identify phishing attacks and suspicious email content, reducing the risk of successful attack.

The less expensive course is to shore up your security, rather than try to get your cyber insurer to pay your claim. Your users need to be a part of that security model and Security Awareness Training is the answer.

Topics: Ransomware

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.