Coalition 2024 Cyber Claims Report Also Reveals Increased Risks Associated with Boundary Devices like Firewalls and VPNs
San Francisco, CA (Apr. 16, 2024) — Coalition, the world’s first Active Insurance provider designed to prevent digital risk before it strikes, is pleased to announce the publication of its 2024 Cyber Claims Report, which details emerging cyber trends and their impact on Coalition policyholders throughout 2023. The report found that more than half (56%) of all 2023 claims were a result of funds transfer fraud (FTF) or business email compromise (BEC), highlighting the importance of email security as a critical aspect of cyber risk management.
“Threat actors want to get paid, and the email inbox has proven to be an easy place for an attacker to uncover payment information and potentially intervene in payment processes to steal funds,” said Robert Jones, Coalition’s Head of Global Claims. “In 2023, Coalition endeavored to make recovering from a cyber incident as painless as possible for our policyholders: We successfully helped claw back more than $38 million in fraudulent transfers and handled 52% of all reported matters without out-of-pocket payments.”
The report also revealed an increased risk for organizations using boundary devices, such as firewalls and virtual private networks. While these tools can help to reduce cyber risk, using some boundary devices can actually increase the likelihood of a cyber claim if they have known vulnerabilities. For example, Coalition found businesses with internet-exposed Cisco ASA devices were nearly five times more likely to experience a claim in 2023, and businesses with internet-exposed Fortinet devices were twice as likely to experience a claim.
“We also found that policyholders using internet-exposed remote desktop protocol were 2.5 times more likely to experience a claim,” said Shelley Ma, Incident Response Lead at Coalition’s affiliate, Coalition Incident Response. “With new AI tools making it even easier to execute targeted cyber attack campaigns and identify exploitable assets, having an active partner that can help protect your organization from digital risk is crucial.” This new insight comes following Coalition’s Security Labs researchers’ discovery of a 59% increase in unique IP addresses scanning for open remote desktop protocol throughout last year.
- Overall claims frequency increased 13% year-over-year (YoY), and overall claims severity increased 10% YoY, resulting in an average loss of $100,000. Claims frequency increased across all revenue bands, with businesses between $25 million and $100 million in revenue seeing the sharpest spike (a 32% YoY increase).
- As ransomware payments hit $1 billion globally, Coalition ransomware severity dropped by 54%. Ransomware severity, frequency, and demands all dropped in 2H 2023, though not enough to offset the surge in 1H.
- Ransomware frequency was up 15% YoY, and severity was up 28%, to an average loss of more than $263,000.
- When policyholders found it reasonable and necessary to pay a ransom, Coalition helped policyholders negotiate demand amounts down by an average of 64%.
- FTF frequency increased by 15% YoY, and severity increased by 24%, to an average loss of more than $278,000.
- BEC frequency increased by 5% YoY, and severity decreased by 15%.
- Learn more about Coalition in the InsurTech Spotlight.
About Coalition
Coalition is the world’s first Active Insurance provider designed to help prevent digital risk before it strikes. By combining comprehensive insurance coverage and cybersecurity tools, Coalition helps businesses manage and mitigate digital risks. Coalition offers its Active Insurance products in the U.S., U.K., and Canada through relationships with leading global insurers, as well as cyber capacity through its own carrier, Coalition Insurance Company. Coalition’s Active Risk Platform provides automated security alerts, threat intelligence, expert guidance, and cybersecurity tools to help businesses worldwide remain resilient against cyber attacks. Headquartered in San Francisco, Coalition is a distributed company with a global workforce that collaborates digitally and in office hubs. For more information, visit www.coalitioninc.com.
Insurance products are offered by Coalition Insurance Solutions Inc. (“CIS”), a licensed insurance producer and surplus lines broker with its principal place of business in San Francisco, CA (Cal. license #0L76155), acting on behalf of a number of unaffiliated insurance companies and available on an admitted basis through Coalition Insurance Company (“CIC”) a licensed insurance underwriter (NAIC #29530). Insurance products offered through CIS and CIC may not be available in all states. CIS may receive compensation from an insurer or other intermediary in connection with the sale of insurance. All decisions regarding any insurance products referenced herein, including approval for coverage, premium, commission, and fees, will be made solely by the insurer underwriting the insurance under the insurer’s then-current criteria. All insurance products are governed by the terms, conditions, limitations, and exclusions set forth in the applicable insurance policy. Please see a copy of your policy for the full terms, conditions, and exclusions. Copyright © 2023. All rights reserved. Coalition and the Coalition logo are trademarks of Coalition, Inc. or its affiliates.
SOURCE: Coalition via Omnia Partners
Tags: Coalition Inc., cyber attacks, Cyber Insurance, cyber risk, cyber security, InsurTech, InsurTech Spotlight, survey