{"id":21006,"date":"2023-11-16T16:18:44","date_gmt":"2023-11-16T16:18:44","guid":{"rendered":"https:\/\/www.insurance-canada.ca\/?p=78873"},"modified":"2023-11-16T16:18:44","modified_gmt":"2023-11-16T16:18:44","slug":"detection-and-response-tools-increasingly-important-as-cyber-claims-surge-allianz","status":"publish","type":"post","link":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/2023\/11\/16\/detection-and-response-tools-increasingly-important-as-cyber-claims-surge-allianz\/","title":{"rendered":"Detection and response tools increasingly important as cyber claims surge: Allianz"},"content":{"rendered":"<h3>Cyber Security Trends 2023<\/h3>\n<div class=\"text\">\n<div class=\"c-copy c-copy--large u-text-hyphen-manual\">\n<ul class=\"c-list\">\n<li class=\"c-list__item\"><b>Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage.<\/b><\/li>\n<li class=\"c-list__item\"><b>Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated is soaring, as is the number of incidents becoming public.<\/b><\/li>\n<li class=\"c-list__item\"><b>Cyber breaches that are not detected and contained early can be 1,000 times more expensive than those that are.<\/b><\/li>\n<li class=\"c-list__item\"><b>Companies\u2019 cyber security priorities should include bolstering their detection and response capabilities.<\/b><\/li>\n<\/ul>\n<p>Boston, MA (Oct. 30, 2023) \u2013 Following two years of high but stable loss activity, 2023 has seen a worrying resurgence in ransomware and extortion claims as the cyber threat landscape continues to evolve, Allianz Commercial warns in a new report.<\/p>\n<\/div>\n<\/div>\n<p>Hackers are increasingly targeting IT and physical supply chains, launching mass cyber-attacks, and finding new ways to extort money from companies, large and small. Most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion, increasing the cost and complexity of incidents, as well as bringing greater potential for reputational damage. Allianz Commercial analysis of large cyber losses shows the number of cases in which data is exfiltrated is increasing every year \u2013 doubling from 40% in 2019 to almost 80% in 2022, with 2023 significantly higher.<\/p>\n<p>\u201cCyber claims frequency has picked up again this year as ransomware groups continue to evolve their tactics,\u201d says Scott Sayce, Global Head of Cyber, Allianz Commercial. \u201cBased on claims activity during the first half of 2023, we expect to see around a 25% increase in the number of claims annually by year-end. The attackers are back, and focused again on Western economies, with more powerful tools, enhanced processes, and attack mechanisms. Given this dynamic, a well-protected company is necessary to stand up to the threat and, increasingly, the most important element of this is developing strong detection and fast response capabilities.\u201d<\/p>\n<h4>How is ransomware risk evolving?<\/h4>\n<p>According to the Allianz Commercial report, Cyber security trends 2023: The latest threats and risk mitigation best practice \u2013 before, during and after a hack, the frequency of cyber claims stabilized in 2022, reflecting improved cyber security and risk management actions among insured companies. Law enforcement agencies targeting ransomware gangs, together with the Ukraine Russia conflict, are also thought to have helped curtail ransomware activity. However, ransomware activity alone was up 50% year-on-year during the first half of 2023. So-called Ransomware-as-a-Service (RaaS) kits, where prices start from as little as US$40, remain a key driver in the frequency of attacks. Ransomware gangs are also carrying out more attacks faster, with the average number of days taken to execute one falling from around 60 days in 2019 to four.<\/p>\n<p>\u201cDouble and triple extortion incidents \u2013 using a combination of encryption, data exfiltration and Distributed Denial of Service attacks \u2013 to obtain money are not new but they are now more prevalent,\u201c says Michael Daum, Global Head of Cyber Claims, Allianz Commercial. \u201cSeveral factors are combining to make data exfiltration more attractive for threat actors. The scope and amount of personal information being collected is increasing, while privacy and data breach regulations are tightening globally. At the same time, the trends towards outsourcing and remote access leads to more interfaces for threat actors to exploit.\u201d<\/p>\n<p>Data exfiltration can significantly add to the cost of a loss or cyber claim. Such incidents can take longer to resolve, while legal and IT forensics can be extremely expensive. If data has been stolen, companies must know exactly what data has been exfiltrated and will likely have to notify customers, who could seek to claim compensation or threaten litigation.<\/p>\n<p>This year has also seen several large mass ransomware attacks as threat actors used exploits in software and weaknesses in IT supply chains to target multiple companies. For example, the MOVEit mass cyber-attack, which exploited a data transfer software product, impacting millions of individuals and thousands of companies, contributed to the increase in the frequency of claims in 2023 to date, affecting multiple policyholders simultaneously.<\/p>\n<p>\u201cMore mass cyber-attacks can be expected in the future,\u201d says Daum. \u201cCompanies and their insurers need to better understand the interconnectivity and dependencies that exist between organizations and within digital supply chains.\u201d<\/p>\n<h4>Growing number of public cases<\/h4>\n<p>In the past the number of cyber incidents that became public knowledge was low. Today, it is a different story, as with data exfiltration, hackers threaten to publish stolen data online. Allianz Commercial analysis of large cyber losses (\u20ac1mn+) shows that the proportion of cases becoming public increased from around 60% in 2019 to 85% in 2022 with 2023 set to be even higher. \u201cToday, if you have data exfiltration it will likely go public, and every company needs to be prepared for this,\u201d says Rishi Baviskar, Global Head of Cyber Risk Consulting, Allianz Commercial.<\/p>\n<p>With potentially costly financial and reputational consequences, companies may feel under more pressure to pay ransoms where data has been stolen. The number of companies paying a ransom has increased year-on-year \u2013 from just 10% in 2019 to 54% in 2022, again based on analysis of large losses only (\u20ac1mn+). Companies are two-and-a half times more likely to pay a ransom if data is exfiltrated, on top of the encryption.<\/p>\n<p>However, paying a ransom for exfiltrated data does not necessarily resolve the issue. The company may still face third party litigation for the breach of data, especially in the US. Indeed, there are few cases where a company should believe that there is no other solution other than paying the ransom to be able to re-access its systems or data. Any impacted party should always inform and cooperate with the authorities.<\/p>\n<h4>The importance of early detection and fast response<\/h4>\n<p>Protecting an organization against intrusion remains a cat and mouse game, in which cyber criminals have the advantage. Allianz analysis of more than 3,000 cyber claims over the past five years shows that external manipulation of systems is the cause of more than 80% of all incidents. Threat actors are now exploring ways to use artificial intelligence (AI) to automate and accelerate attacks, creating more effective AI-powered malware, phishing, and voice simulation. Combined with the explosion in connected mobile devices \u2013 Allianz Commercial has seen a growing number of incidents caused by poor cyber security in this area \u2013 attack avenues only look likely to increase.<\/p>\n<p>Preventing a cyber-attack is therefore becoming harder and the stakes higher. As a result, early detection and response capabilities and tools are becoming ever more important. Around 90% of incidents are contained early. However, if an attack is not stopped in the early stages the chances of preventing it becoming something much more serious and costly greatly reduce.<\/p>\n<p>\u201cTraditional cyber security has focused on prevention with the goal of keeping attackers out of a network,\u201d says Baviskar. \u201cWhile investment in prevention reduces the number of successful cyber-attacks there will always be a \u2018gap\u2019 remaining that will enable attacks to get through. For example, it is not possible to stop all employees from clicking on increasingly sophisticated phishing emails.\u201d<\/p>\n<p>Companies should direct additional cyber security spend on detection and response, rather than just adding more layers to protection and prevention. Only one third of companies discover a data breach through their own security teams. However, early detection technology is readily available and effective.<\/p>\n<p>\u201cDetection systems are constantly improving and can save lots of pain, decreasing detection and response times. This is something we look for in our cyber risk assessments and underwriting,\u201d adds Baviskar.<\/p>\n<p>Cyber breaches that are not detected and contained early can be as much as 1,000 times more expensive than those that are, the report highlights, with Allianz Commercial analysis showing that early detection and response can stop a \u20ac20,000 loss turning into a \u20ac20mn one.<\/p>\n<p>\u201cPrevention drives frequency of attacks and response is responsible for how significant the loss will be \u2013 whether it is a minor IT incident or a corporate crisis,\u201d says Daum. \u201cWe believe companies can meaningfully prepare and there is room for improvement in how they respond to these attacker threats. Ultimately, early detection and response capabilities will be key to mitigating the impact of cyber-attacks and ensuring a sustainable cyber insurance market going forward.\u201d<\/p>\n<p>Download the report: <a href=\"https:\/\/commercial.allianz.com\/news-and-insights\/reports\/cyber-security-trends-2023.html#download\" target=\"_blank\" rel=\"nofollow noopener noreferrer\"><em><strong>Cyber security trends 2023: The latest threats and risk mitigation best practice<\/strong><\/em><\/a>.<\/p>\n<h4 class=\"smallhead\"><b>About Allianz Partners<\/b><\/h4>\n<p>Allianz Partners is a world leader in B2B2C insurance and assistance, offering global solutions that span international health and life, travel insurance, mobility and assistance. Customer driven, our innovative experts are redefining insurance services by delivering future-ready, high-tech high-touch products and solutions that go beyond traditional insurance. Our products are embedded seamlessly into our partners\u2019 businesses or sold directly to customers, and are available through several commercial brands including Allianz Assistance, Allianz Travel and Allianz Care. Present in over 75 countries, our 21,900 employees speak 70 languages, handle over 72.5 million cases each year, and are motivated to go the extra mile to offer peace of mind to our customers around the world. For more information, visit <a href=\"https:\/\/www.allianz-partners.com\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">www.allianz-partners.com<\/a>.<\/p>\n<p class=\"referencetext\"><i>SOURCE: Allianz Partners<\/i><\/p>\n<p> Tags: <a href=\"https:\/\/www.insurance-canada.ca\/tag\/allianz\/\" rel=\"tag\">Allianz<\/a>, <a href=\"https:\/\/www.insurance-canada.ca\/tag\/cyber-risk\/\" rel=\"tag\">cyber risk<\/a>, <a href=\"https:\/\/www.insurance-canada.ca\/tag\/cyber-security\/\" rel=\"tag\">cyber security<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyber Security Trends 2023 Ransomware incidents rising again as criminals use data exfiltration and supply chain attacks to maximize their leverage. Allianz Commercial analysis of large cyber losses shows the number of cases in&#46;&#46;&#46;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[1],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/posts\/21006"}],"collection":[{"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/comments?post=21006"}],"version-history":[{"count":0,"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/posts\/21006\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/media?parent=21006"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/categories?post=21006"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.lifeinsurance-orleans.ca\/index.php\/wp-json\/wp\/v2\/tags?post=21006"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}