• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Contact Us
  • Sponsor An Email
  • Post A Job
  • Merger & Acquisition Services

Agency Checklists

Massachusetts Insurance News & More

You are here: Home / Partner News | Sponsored Articles / Company News / Corvus Insurance Reports Ransomware Attacks are Down from Recent Peaks, as Costs and Frequency of Claims Trend Downward

Corvus Insurance Reports Ransomware Attacks are Down from Recent Peaks, as Costs and Frequency of Claims Trend Downward

April 14, 2022 by AC Editor

Corvus Risk Insights Index™ finds 2021 average ransoms paid by quarter was $167K, down 44.2%

Insurtechs in Boston

BOSTON – Corvus Insurance the leading provider of smart commercial insurance products powered by AI-driven risk data, today released findings from its second Corvus Risk Insights Index™, a compilation of industry trends and data analysis based on the company’s proprietary IT security scanning technology, the Corvus Scan, in addition to results from its Policyholder Cybersecurity Benchmarking Survey, sent to current Cyber and Technology Errors & Omissions (Tech E&O) policyholders.

“In support of our mission to make the world a safer place, it is our hope that this report provides guidance not only for our policyholders, but all of those seeking to protect their business, employees, and customers from cyber threats, especially at this critical time in history,” said Jason Rebholz, Chief Information Security Officer at Corvus Insurance. “Corvus’s real-time data and AI-powered risk management tools provide unparalleled transparency between our risk capital partners, policyholders, and brokers and allow us to share these actionable insights to increase awareness around the current state of cyber risk to help keep everyone safe.”

In the second edition of the Corvus Risk Insights Index™, Corvus’s experts — including data scientists, underwriters, cybersecurity professionals, and claims managers — reflect on the past year, current trends, and what’s to come in the remainder of 2022. In reviewing the evolving cyber risk landscape, the report includes a breakdown of the impact of zero-days and third-party risk, updates on ransom severity, and a review of recent key vulnerabilities. To shed light on concerns and perspectives that are unique to the small- and medium-sized business (SMB) segment, the report also features insights from Corvus’s first Policyholder Cybersecurity Benchmarking Survey, which captured insights from their Cyber and Tech E&O policyholders.

Ransomware claims, costs, and severity

One of the best indicators of overall cybercrime activity is the rate of ransomware claims in the Corvus book of business. Based on Corvus’s claims data, after all of the dire headlines throughout 2021 the end of the year presented signs of improvement:

  • In Q4, the rate of ransomware claims reached just half of the peak seen in Q1 2021 — decreasing from 0.6% to 0.3%.
  • While the Q3 2021 average ransom paid was atypically high, the entire 2021 ransoms paid by quarter average was ~$167k, 44.2% less than the Q3 figure.
  • Overall, fewer ransoms are being paid compared to those demanded. The percentage for the last quarter of 2021 held steady in the low twenties, down significantly from figures that once were over 50%. As recently as Q3 2020, the ratio was 44%.

This decrease in cost and severity can be partially attributed to underwriting entities requiring stronger backups for insurance coverage, which is helping to drive the broader trend toward more sophisticated and resilient approaches to mitigating ransomware risk.

The data also revealed spikes in claims tied to major cybercrime events including the Microsoft Exchange Server vulnerability and the Kaseya ransomware attack. While these events were enough to significantly, but temporarily, impact the month-by-month ransomware claims rate, the overall average severity of claims declined.

As the cyber threat landscape continues to evolve, Corvus’s Risk Insights Index™ touched on Russia’s ongoing invasion of Ukraine, which has included a hybrid warfare model involving cyber attacks against public and private sector organizations. While attacks have led to increased concerns over potential collateral damage, Corvus observed a 30% reduction in ransomware claims frequency from Q4 2021 to Q1 2022 (through March 15), highlighting the fractured ransomware threat ecosystem during a time of war.

Severity is lowered, but not across the board

The overall severity of ransomware costs by industry shifted significantly over the past year. The report indicates a decreasing cost impact on education and social services, while the professional services industry (including but not limited to law firms, consulting firms, and architecture firms) experienced increased ransomware costs. The data highlights that:

  • The average claim reached nearly $400,000 within the professional services industry in Q4 2021, by far the highest in that timeframe.
  • Healthcare, which saw an alarmingly high average in claim severity to start the year, has returned to a historically low average, with zero ransomware claims recorded in Q4 2021.

The decreasing claims severity within healthcare may be tied to dissipating public fears and subsequent exploitation by threat actors during the height of the COVID-19 pandemic.

SMBs still playing cyber strategy catch up

Corvus’s first Policyholder Cybersecurity Benchmarking Survey, conducted in Q4 2021, showed that SMBs are still building their cyber investments. The survey was deployed to Corvus’s Cyber and Tech E&O policyholders, with the nearly 300 respondents’ titles ranging from C-suite to Vice Presidents, Directors, and IT Managers. Participants’ company size ranged from fewer than 50 employees to over 250. The results showed that SMBs are primarily concerned with external threats — attack vectors including ransomware and phishing — and revealed:

  • Only 8% of the smallest businesses (with <50 employees) have a dedicated cybersecurity budget.
  • Among the largest businesses within the surveyed group — those with 250 or more employees — 18% reported having a dedicated cybersecurity budget.
  • Spend on cybersecurity is expected to increase. Sixty percent of participants stated that their security spending is expected to increase with support from their CEO and senior management.
  • Of the participants who stated that they need help with security improvements, 72% were companies that lacked a CISO — reinforcing the idea that a CISO can play a large part in improving security posture.

Survey respondents highlighted a lack of resources and the overall complexity of security as key driving factors currently preventing improvements in their defenses. Smaller companies (<50 employees) are more concerned with staying current on new threats, while larger organizations are more concerned with vendor breaches, bringing to light the fact that many companies may fail to emphasize and act on the need for an internal security culture.

“We are in the midst of a critical and challenging time for security professionals,” said Phil Edmundson, Founder and CEO of Corvus Insurance. “As the security landscape shifts and threat actors continue to evolve their attacks, this report provides the data-driven analysis critical for organizations to navigate and prepare for adverse events in this new cyber age.”

You can access the full Corvus Risk Insight Index™ here.

Source: Corvus Insurance

Print Friendly, PDF & Email

Filed Under: Company News, News | Miscellaneous Tagged With: Agency Checklists, Corvus Insurance, Mass. Insurance News, massachusetts insurance news, New England Insurance News, Ransomware

Primary Sidebar

Sponsored

Sponsored

Latest Agency Sales

Patriot Growth Adds Two Employee Benefit Agencies in Massachusetts

Cross Insurance Acquires Two More Massachusetts Insurance Agencies & Opens A New Office in Newburyport

Q1-2022 Sees A Decline in U.S. Mergers & Acquisitions Activity

Insurance Agency Mergers & Acquisitions in Mass. | Q1-2022

Insurance Agency Mergers & Acquisitions in Mass. | Q1-2022

More Agency Sales

Career News

Two New Appointments At Preferred Mutual

Agency Checklists, MA Insurance News, Mass. Insurance News, MA Life Insurance Companies, Boston Mutual

Boston Mutual Life Insurance Company Appoints David Martin as Vice President and Chief Information Officer

Satellite Agency Network

SAN Group Announces Recipients of 2022 SAN Awards

Alera Group Expands Northeast Regional Leadership Team

A.I.M. Mutual Elects Daniel A. Landers President & Chief Executive Officer

A.I.M. Mutual Elects Daniel A. Landers President & Chief Executive Officer

In Memoriam

In Memoriam: Daniel Rizzo, 1937-2022

In Memoriam: Bruce MacDonald 1935-2022

In Memoriam: Bruce MacDonald 1935-2022

In Memoriam: William "Bill" Carter, Jr. 1932-2022

In Memoriam: William “Bill” Carter, Jr. 1932-2022

CAR News

17 Bullet Points on The New Insurance Labor Rate Report

2nd Look 2022: The Massachusetts Private Passenger Auto Insurance Marketplace

2nd Look 2022: The Commercial Auto Insurance Marketplace in Massachusetts

1st Look 2022: The Commercial Auto Insurance Marketplace in Massachusetts

View More CAR News

Massachusetts Law Updates

Front view of the Quincy Mass. Masonic Temple with Roman Columns

Confused Voicemail Leads to E&O and Coverage Suits

SJC Construed For 1st Time Meaning of “Doing Business As” In Relation to CGL Coverage.

5 Points On New Ruling: Unreasonable Storage Reduces ACV Payment

A short opinion with a disproportionate impact on first-party property damage total loss claims.

Agency Checklist article on COVID-19 Closings in Massachusetts

First State High-Court COVID-19 Decision On Business Interruption Claims

Dismissed by Superior Court, the restaurants took their appeal directly to the SJC.

Vermont Mutual Asks High Court to Reverse Decision $215,000 Attorney Fee Award Payable As Damages under Bodily Injury Coverage

An unusual case involving a breach of warranty claim under Chapter 93A and whether mandatory attorney fee awards apply.

More Mass. Law Updates

DOI News

The 2022 MA Home Insurance Report Part II | MA FAIR Plan Review

The 2022 MA Home Insurance Report | Part I

Mass. Business Entity License Renewals on Hold

DOI Fines Producer $1,250 For Prior Failures To Report After License Lapses

View More DOI News

Insurance Fraud

Quinn Group Ins. Owner’s Trial to Begin on Federal Benefit and Social Security Fraud Today

First Guilty Plea in No-Fault PIP Auto Insurance Fraud Scheme

GM Financial Will Pay Over $1.8 Million For GAP Coverage Refunds and Loan Violations

Insurance Agency To Pay $100,000 Fine And $515,000 In Restitution Under Consent Decree

More Insurance Fraud News

Footer

Agency Checklists

About us
Contact us

14 Summer Street
Suite 102
Malden, MA 02148
617-598-3800

Advertise on Agency Checklists

We offer a variety of ways to get help promote your company or product.

Announcements
Email Sponsorships
Partnerships
Custom Collaborations

*Affiliate Disclosure

Please note that any of Agency Checklists’ articles might contain one or more affiliate links. This means that any subsequent purchase resulting from these links may result in a commission for us, but at no additional cost to you. For example, as an Amazon Associate, Agency Checklists earns a commission from all qualifying purchases. By working with affiliates we can continue to keep Agency Checklists subscription free. Thank you for your support.

SEARCH OUR SITE

Explore Our Archives

Copyright © 2022 · Agency Checklists · All rights reserved.

 

Loading Comments...