Ransomware payments shrank from 44% to 12%

Corvus Insurance released findings from its Corvus Risk Insights Index, a compilation of industry trends and data analysis based on the company’s IT security scanning technology, as well as other first- and third-party data sources. The report provides an inside look at the insights and tools used by risk managers, IT departments, security researchers, and solution providers to hone their offerings and approaches to keeping organizations safe from evolving cyber threats.

This edition of the Corvus Risk Insights Index focuses specifically on Cyber and Technology E&O (Errors and Omissions) risk. It is broken down into four sections: litigation risk, cyber risk technologies, ransomware, and cyber vulnerability. All sections include contextual background on how foundational security methods can impact cybersecurity posture across organizations, pointing to how key indicators have fluctuated throughout the past few years.

Ransomware claims and costs

Ransomware has quickly become a dominant force in cyber risk, but its proliferation and the range in demands across various industries have continued to fluctuate. Corvus recognized a rise in ransomware claims from Q2 2020 through Q1 2021 (0.25% to 0.58% increase in frequency) but then experienced a drop by 50% in Q2 2021 that largely sustained through Q3 2021.

While the reduced frequency is believed to be attributed to the shutdown of prolific ransomware groups Darkside and REvil during Q2 2021, the costs associated with a ransomware claim have continued to shift as recovery remains top of mind for businesses.

Breach response costs (for assistance in legal, forensics and recovery efforts) increased from 29% to 52% of overall claim costs, while business interruption costs shrunk as a percentage. Ransomware claims resulting in a ransom payment shrank from 44% in Q3 2020 to just 12% by Q3 2021.

This decrease in the demand-to-pay ratio is likely due to improved preparedness and resiliency for policyholders and their backups, allowing for breach response professionals to handle ransomware situations more efficiently and get companies back online faster.

Overall, ransomware attacks remain costly as the average cost for 2021 remains steady at $142,000 — almost identical to the previous year’s average. While there was a spike in the average cost of a ransomware attack in Q3 2021, which may appear to show again for threat actors, the average comprises fewer overall attacks and fewer attacks where any ransom was paid.

Litigation risks for tech vendors

For technology vendors, a cyberattack or other outage linked to their products or services can result in major costs from defending lawsuits brought by customers who suffered outages or lost data as a result of the incident — and that is on top of any first-party remediation and recovery efforts.

A company with 250 or more employees is 216% more likely to sue their tech vendor than a company with 10 or fewer employees and twice as likely as a company with 11-50 employees. Media companies (publishers, TV networks, etc.) and metals manufacturers are 50% more likely to sue their technology vendors than the average business, while insurers are around 20% more likely.

Post-COVID security & IT trends

COVID-19 ignited rapid shifts in technology usage as remote work became more prevalent. The scan provided data to analyze trends from two major IT security measures: accessible remote desktop protocol (RDP) and email security.

After RDP became widely classified as an attack vector in 2020, its presence in IT systems dropped by 50% in 2021.

Email phishing continues to be a popular launching pad for cybercrimes against businesses. Still, fortunately, there are a number of cloud-based security tools that can be implemented to thwart these threats.

Corvus recognized a 2.5x (158%) lift in the usage of email security software across all industries, contributing to the reduction of these widespread threats.

“Over the past few years, the cybersecurity landscape has completely erupted with sophisticated forms of cyberattacks, creating many challenges for today’s security professionals,” said Phil Edmundson, Founder and CEO of Corvus Insurance. “This report provides the analysis needed to empower organizations to continue enhancing their offerings and keep our world safe from destructive threat actors.”

You can access the full Corvus Risk Insight Index here.

Situational awareness should be at the forefront of your security program. It can mean the difference between life and death in a workplace emergency.

Security’s digital transformation is now entering stage 5. Complex security technologies are connected to HR systems, global security operations centers, and other building technologies in a world where employees now work in two places: home and the corporate office.