June 13, 2024 at 05:17PM
In 2023, cyber-insurance claims hit a new high, with over 1,800 claims from the US and Canada. The surge was attributed to more complex cyberattacks, increased privacy claims, a rise in organizations purchasing cyber insurance, and the MOVEit file transfer supply chain breach. Healthcare had the highest claims at 17%, followed by communications, education, retail/wholesale, and financial institutions. The number of cyber-extortion events increased, with median payments rising from $335,000 to around $6.5 million. Negotiating extortion payments proved effective, resulting in a decrease in ransom payments.
Based on the meeting notes provided, the key takeaways are:
– Cyber-insurance claims reached a record high in 2023, with over 1,800 claims from the US and Canada, attributed to the sophistication of cyberattacks, privacy claims, increased cyber insurance purchases, and the MOVEit file transfer supply chain breach.
– Healthcare had the highest percentage of claims at 17%, followed by communications (16%), education (9%), retail/wholesale (8%), and financial institutions (8%).
– The number of clients reporting cyber-extortion events increased from 172 in 2022 to 282 in 2023, with median extortion payments rising from $335,000 to approximately $6.5 million. Extortion demands by threat actors also increased from $1.4 million to $20 million.
– Negotiating extortion payments proved effective in reducing the final ransom payment, with the percentage of companies paying a ransom falling to 23% in 2023 from 30% in 2022.
Overall, the meeting notes highlight the escalating cyber threats and the significant impact on various industries, as well as the effectiveness of negotiating extortion payments in mitigating ransom payments.