The recent Cyber Incident & Breach Trends Report reveals that although overall incidents of cyber crime were down in 2018, the financial impact is way up. This should come as no surprise. Especially considering that the recent Capital One, Equifax and Marriott data breaches each had over 100 million people affected which over time, will add up to millions of dollars for each of these organizations. Indeed, incidents may be down but the financial impact is higher than ever.
What the cyber attack trends report tells us
The financial impact of ransomware rose by 60%, losses from business email compromise (BEC) doubled, cryptojacking incidents (the unauthorized use of others’ computing resources to conduct cryptomining) more than tripled, and there continued to be a steady stream of high-profile data breaches.
2018 Incident Highlights
- 95% of breaches could have been prevented (ISOC)
- 3.2% decrease in reported breach incidents (RBS)
- 5 billion records exposed, a 35.9% decrease (RBS)
- $8 billion financial impact of ransomware (CV)
- 12% rise in business targeted ransomware (Symantec)
- $12.5 billion in global EAC/BEC losses since 2013 (FBI)
Every data breach provides learning opportunities and lessons to be learned – from securing third-party access, to ongoing diligence in monitoring for vulnerabilities and unauthorized access, to keeping only necessary data and securing it properly.
The report poses the question “are things getting better or worse”?
The answer: “both” – as some types of attacks wane, others rise.
Are you Ready?
The report provides 10 Core Readiness Principles gathered from past data breach incidents and how they were handled or should have been handled. Whether it is recognizing that responsibility for incidents is a company-wide issue, identifying and protecting your company’s most valuable assets, collecting and retaining data for only as long as it is needed, assessing the costs of a potential network outage, having an incident response plan and a cyber insurance policy in place can help reduce the financial impact of an attack.
One of the report’s key recommendations is for companies to complete a review of insurance needs including exclusions and pre-approval of coverage for any third-party services (such as cyber forensics, remediation provider, PR firm, etc). This is crucial, as today it is best to know these details before your incident happens and before you submit your insurance claim.
Please reach out to us for assistance with your company’s cyber insurance policy or to receive cyber insurance quotes from today’s leading cyber insurance insurers.
We Help Turn a Complex Process into a Simple One
CONTACT US TODAY FOR ASSISTANCE