Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

Ransomware payments shrank from 44% to 12%

insurance-freepik
October 25, 2021

Corvus Insurance released findings from its Corvus Risk Insights Index, a compilation of industry trends and data analysis based on the company’s IT security scanning technology, as well as other first- and third-party data sources. The report provides an inside look at the insights and tools used by risk managers, IT departments, security researchers, and solution providers to hone their offerings and approaches to keeping organizations safe from evolving cyber threats.


This edition of the Corvus Risk Insights Index focuses specifically on Cyber and Technology E&O (Errors and Omissions) risk. It is broken down into four sections: litigation risk, cyber risk technologies, ransomware, and cyber vulnerability. All sections include contextual background on how foundational security methods can impact cybersecurity posture across organizations, pointing to how key indicators have fluctuated throughout the past few years.

 

Ransomware claims and costs 

Ransomware has quickly become a dominant force in cyber risk, but its proliferation and the range in demands across various industries have continued to fluctuate. Corvus recognized a rise in ransomware claims from Q2 2020 through Q1 2021 (0.25% to 0.58% increase in frequency) but then experienced a drop by 50% in Q2 2021 that largely sustained through Q3 2021. 


While the reduced frequency is believed to be attributed to the shutdown of prolific ransomware groups Darkside and REvil during Q2 2021, the costs associated with a ransomware claim have continued to shift as recovery remains top of mind for businesses. 


Breach response costs (for assistance in legal, forensics and recovery efforts) increased from 29% to 52% of overall claim costs, while business interruption costs shrunk as a percentage. Ransomware claims resulting in a ransom payment shrank from 44% in Q3 2020 to just 12% by Q3 2021.


This decrease in the demand-to-pay ratio is likely due to improved preparedness and resiliency for policyholders and their backups, allowing for breach response professionals to handle ransomware situations more efficiently and get companies back online faster.


Overall, ransomware attacks remain costly as the average cost for 2021 remains steady at $142,000 — almost identical to the previous year’s average. While there was a spike in the average cost of a ransomware attack in Q3 2021, which may appear to show again for threat actors, the average comprises fewer overall attacks and fewer attacks where any ransom was paid.

 

Litigation risks for tech vendors

For technology vendors, a cyberattack or other outage linked to their products or services can result in major costs from defending lawsuits brought by customers who suffered outages or lost data as a result of the incident — and that is on top of any first-party remediation and recovery efforts.


A company with 250 or more employees is 216% more likely to sue their tech vendor than a company with 10 or fewer employees and twice as likely as a company with 11-50 employees. Media companies (publishers, TV networks, etc.) and metals manufacturers are 50% more likely to sue their technology vendors than the average business, while insurers are around 20% more likely.

 

Post-COVID security & IT trends 

COVID-19 ignited rapid shifts in technology usage as remote work became more prevalent. The scan provided data to analyze trends from two major IT security measures: accessible remote desktop protocol (RDP) and email security.


After RDP became widely classified as an attack vector in 2020, its presence in IT systems dropped by 50% in 2021. 


Email phishing continues to be a popular launching pad for cybercrimes against businesses. Still, fortunately, there are a number of cloud-based security tools that can be implemented to thwart these threats. 


Corvus recognized a 2.5x (158%) lift in the usage of email security software across all industries, contributing to the reduction of these widespread threats.


“Over the past few years, the cybersecurity landscape has completely erupted with sophisticated forms of cyberattacks, creating many challenges for today’s security professionals,” said Phil Edmundson, Founder and CEO of Corvus Insurance. “This report provides the analysis needed to empower organizations to continue enhancing their offerings and keep our world safe from destructive threat actors.”


You can access the full Corvus Risk Insight Index here.

KEYWORDS: cyber security information security ransomware risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • ransomware cyber

    New ransomware task force seeks to disrupt ransom payments

    See More
  • crypto-currencies-freepik-93205.jpg

    Biden administration to issue sanctions to counter ransomware payments

    See More
  • cyber-physical systems (CPS)

    Healthcare organizations report ransomware payments over $500,000

    See More

Events

View AllSubmit An Event
  • September 3, 2024

    From DDoS Protection to WAAP: How Layered Protection Enhances Your Cybersecurity Strategy

    ON DEMAND: By participating in the webinar, attendees will gain enhanced knowledge of cyber threats and understand the current spectrum of cyber threats facing businesses.
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing