Howden report: Ransomware attacks rise 170%

Insurance broker Howden’s new report examines how ransomware attacks, higher rates, and changing regulations are driving today’s cyber insurance market

Insurance broker Howden has released a report examining today’s cyber insurance market and has found the cost of insurance to protect businesses and organisations against the ever-increasing threat of cybercrimes has soared by a third in the last year. 

Declaring a ‘digital pandemic’, Howden says ransomware is now the predominant cyber threat confronting businesses of all sizes, with 170% more attacks having taken place during the end of 2020 than the year before.

For US companies that decided to pay a ransom in Q1 of 2021, it is likely they paid 400% more than they would have in 2019. The average cost of ransomware remediation globally has also increased, rising to US$1.85 million this year from US$700,000 in 2020. Average remediation costs in several major markets, including the US, now exceed US$2 million, according to the report.

 

Global cyber insurance prices increasing

 

Howden points out that the availability of accessible and relatively low-cost ransomware kits, or ransomware-as-a-service (RaaS), combined with a new strategy that involves both data encryption and the publication of stolen data, known as double extortion, has caused the frequency and severity of ransomware attacks to soar.

As a result, the report found that global cyber insurance pricing has increased by an average of 32% year-on-year in June 2021, on the back of a 50% rise since data tracking began. Insurers are also demanding more from businesses’ cyber resilience and are only willing to deploy capacity if they are satisfied by companies’ risk management frameworks, the report found.

“Cyber risk has undergone multiple episodes of change and development in its relatively short history, but nothing quite so impactful and fundamental as the events over the last year,” said Shay Simkin, Global Head of Cyber, Howden.

“COVID-19, and all of its attendant effects on technology adoption and cyber security, combined with independent or connected changes to the loss environment, has added a big dose of complexity into an already complicated risk landscape.”

Howden’s report found that the COVID-19 pandemic has amplified the risks associated with cyber and revealed pre-existing vulnerabilities. While businesses are investing in data and cloud security to deal with the changes brought about by the pandemic, cybercriminals are often one step ahead of them, Howden found. The report said that cyber criminals have exploited interest and concerns about the pandemic to entice users to click on malicious links or attachments. Delays in breach discovery due to a reduction in on-site staff have exacerbated the issue.

Simkin said that the cyber insurance market is being driven by an imbalance of demand and supply, “which shows no sign of relenting anytime soon.”

“Claims are up, capacity is down, and underwriting profitability is, at best, under pressure,” Simkin said. “The impact on insurance buyers is stark; the importance of being prepared for a cyber attack has never been clearer. With insurers now demanding markedly higher cybersecurity standards before deploying capacity, businesses need analytical solutions designed specifically for them, combined with focused, expert intermediation to help them secure the coverage that meets their needs.”

Share

Featured Articles

ICYMI: New Age of the CISO and cybersecurity trends for 2023

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Kingfisher chooses Google Cloud as catalyst for growth

Google Cloud will support Kingfisher's digital ambitions with a range of solutions, from infrastructure to data analytics.

ICYMI: Cyber predictions for 2023 and trouble in paradise

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Osirium shares its cyber predictions for 2023

Cyber Security

ICYMI: Unloved emails and cybersecurity worth $500bn by 2030

Cyber Security

Cyber security market anticipated to reach $500bn by 2030

Cyber Security