Articles about insurance

The Scattered Spider group seems to have switched from high-profile attacks on UK retailers to new campaigns targeting the insurance sector. The group has recently been linked to ransomware incidents affecting US-based Philadelphia Insurance and Erie Insurance, which operates in both the UK and the US.

We spoke to Danny Howett, technical director at global cybersecurity consultancy CyXcel, to discuss why insurance is such an attractive target and some practical steps insurers can take to shore up their defences against increasingly organised cybercriminals.

Continue reading →

A new report from risk solutions company Resilience shows in the first half of 2025, the average cost of an individual ransomware attack rose by 17 percent, while the volume of incurred claims across Resilience's portfolio dropped by 53 percent, highlighting the persistent and destructive threat of financially motivated cybercrime.

Ransomware accounted for almost all (91 percent) of incurred losses, while financially motivated social engineering, especially via tailored attacks bolstered by AI-powered phishing content, fueled 88 percent.

Continue reading →

Almost three-quarters of insurance underwriters say fragmented, siloed, and unstructured data -- not technology -- is the main barrier to AI transformation.

New research carried out by Reuters for technology transformation specialist CI&T shows that data fragmentation, unstructured formats, and siloed systems are the real roadblocks to delivering faster, more accurate underwriting and pricing.

Continue reading →

Apple has launched a new tier of its device protection, support and insurance scheme called AppleCare One. This new level of subscription is aimed at those who have fully bought into the Apple ecosystem, as it makes it possible to cover up to three devices with a single plan.

As well as simplifying the process of getting service and support for Apple devices, AppleCare One addresses one of the key complaints levelled against the program – price. Any three devices are covered by a single $20 plan, which could represent a big saving for some people.

Continue reading →

We all know that businesses are facing a raft of more sophisticated cyberthreats, partly driven by AI. We also know that there can be an impact beyond the financial in terms of damage to reputation and loss of customers.

A new report from cyber insurance specialist Hiscox reveals that 67 percent of organizations report increase in attacks and 34 percent of firms have compromised cybersecurity measures due to lack of expertise in managing emerging tech risks.

Continue reading →

A new report from cyber insurance specialist Coalition finds the majority of 2024 claims (60 percent) originated from business email compromise (BEC) and funds transfer fraud (FTF) incidents, with 29 percent of BEC events resulting in FTF.

Ransomware claims did stabilize in 2024 but they remain the most costly and disruptive type of cyberattack.

Continue reading →

A new report from cyber insurance provider Coalition shows 58 percent of ransomware claims in 2024 started with threat actors compromising perimeter security appliances like virtual private networks (VPNs) or firewalls.

Remote desktop products are the second-most exploited for ransomware attacks at 18 percent. The most common initial access vectors (IAVs) being stolen credentials (47 percent) and software exploits (29 percent). Vendors including Fortinet, Cisco, SonicWall, Palo Alto Networks, and Microsoft build the most commonly compromised products.

Continue reading →

Third-party risk has emerged as a dominant driver of cyber insurance claims and material losses in 2024, according to new data from leading cyber risk solutions company Resilience.

Cyber insurance claims data shows that third-party risk, including ransomware and outages affecting vendors, accounted for 31 percent of all claims in 2024. Even more startling, third-party risk led to claims with incurred losses for the first time ever, making up nearly a quarter (23 percent) of incurred claims in 2024 (compared to none in 2023).

Continue reading →

A new report finds 61 percent of organizations have suffered a security breach in the past year because their policies, governance, and controls failed or were not working effectively. This is costing US businesses $30bn and UK businesses £10bn per year.

The study from security posture management firm Panaseer surveyed 400 security decision makers across the US and UK and found 72 percent have taken out indemnity insurance in response to growing personal liability, whilst 15 percent have considered leaving the industry.

Continue reading →

According to a new report, 80 percent of insured companies that have suffered a data breach didn't have sufficient coverage for the incident.

The study, from cybersecurity optimization platform CYE, finds the average coverage gap is 350 percent, which means that more than 75 percent of the incident was not covered.

Continue reading →

The total number of common vulnerabilities and exposures (CVEs) is expected to increase by 25 percent in 2024 to 34,888 vulnerabilities, or roughly 2,900 per month.

This comes from a new report by 'active insurance' provider Coalition which uses honeypots to monitor for spikes to identify the biggest CVEs before they make news headlines -- thus providing companies with the opportunity to take action before an incident can occur.

Continue reading →

The cybersecurity landscape is changing all the time and security teams are constantly searching for anything that can give them an edge in defending their systems.

We spoke to Rajeev Gupta, co-founder and chief product officer at insurance specialist Cowbell Cyber, about cyber risk assessment and how it can help businesses understand their level of risk and improve it to stay ahead of bad actors and threats like phishing attempts.

Continue reading →

A new report shows that as the severity and sophistication of cyberattacks has increased along with the financial consequences, many companies have been prompted to invest in or review their cybersecurity insurance.

The study of over 600 IT security professionals, conducted by the Ponemon Institute for Recast Software, shows 41 percent say their organization has experienced an increase in the number of cybersecurity incidents in 2023, 61 percent say the total cost of these attacks had averaged $21 million, and 75 percent say their cybersecurity exposure would increase or at best stay the same in the coming year.

Continue reading →

Businesses rely heavily on technology to drive operational efficiency. While this has benefits, it also brings with it challenges and risks, particularly in the realm of cybersecurity. As cyber threats continue to be a persistent concern for businesses there has been a marked surge in demand for cyber insurance as companies recognize the importance of financial protection in the face of data breaches, ransomware attacks, and other cybersecurity incidents. However, as the threat landscape evolves, so does the landscape of cyber insurance, with insurers raising the bar on their security requirements. 

While this is a concern for businesses that want to ensure that they are insured against potential security risks, there are a few considerations that can help improve their risk profile ahead of a potential breach or attack. Fundamental to this is cyber resilience within the broader framework of operational resilience.

Continue reading →

The high costs, both financial and reputational, of dealing with a cyberattack along with tighter regulations that means attacks must be reported have meant that many more organizations are seeking to protect themselves with cyber insurance.

This is still a relatively new and developing field, so what do industry experts think we'll see in the cyber insurance market in 2024?

Continue reading →