How to protect against the rising threat of cyber attacks

As the world becomes more reliant on digital infrastructure, the risk and cost of cyber attacks only grow larger. According to CYE's "Inadequacies in Breach Insurance Coverage" analysis report, 80% of insured companies that suffered a data breach had insufficient coverage. Data reveals that the average coverage gap is 350%, or an average of over $27 million in uncovered losses, and in some cyber attack events, the maximum insurance gap reached up to 3000%.

The CYE report emphasizes the pressing need for businesses to reassess their approach to cybersecurity measures, mitigation strategies and their coverage needs. 

Adam Lantrip, senior vice president, professional and cyber solutions practice leader at CAC Specialty, shared the technologies and measures that businesses can take to protect themselves against breaches and cyber threats.

CAC Specialty

"The hard cyber insurance market of 2021-2022 forced many organizations to improve security or implement certain security measures to get the most competitive insurance options available, or even to gain access to the market entirely in some situations. Multi-factor authentication, endpoint detection and response and data leak prevention tools have all become de-facto minimum standards for most cyber insurers, which has helped increase the level of difficulty for bad actors to access an organization's network and made those organizations more resilient and better able to recover quickly when a security event does occur," said Lantrip. "But, as the bad actors' tactics continue to evolve and shift, organizations need to remain vigilant and seek to continuously improve and enhance their security posture to stay a step ahead."

The "Insurtech Global Outlook 2024" report from NTT Data highlights the innovations seen in the insurance industry towards cyber threat prevention, especially in detecting fraud with artificial intelligence (AI) technologies. Its research shows that insurers from the United Kingdom have seen an 800% increase in fraud detection efficiency using AI tools and detection of fraudulent claims increased by 120%. In 2021, U.K. insurers detected 89,000 fraudulent claims.

"AI tools are helping to revolutionize the way we do business, and while many of those changes are positive there are some new risks to navigate for organizations that are embracing AI. Increased regulatory risk, heightened privacy and confidentiality concerns as well as intellectual property risks are some of the most critical in the AI-space today," Lantrip said. "At the same time, attackers are using AI to create and improve on hacking tools as well as create more realistic phishing campaigns, leveraging AI technology to make it easier to compromise an organization's security."

As AI tools present both opportunity and increased risk, businesses must ensure adequate coverage and take proactive measures to mitigate cyber attacks.

"All organizations face cyber risk every day, whether that be from external threat actors seeking a toehold for a larger attack, to an employee inadvertently clicking a link they shouldn't have, to a simple technology failure or outage," explained Lantrip. "A robust security program targeting internal and external threats, frequent employee training on how to spot and avoid phishing or social engineering attacks as well as a forward-looking cybersecurity posture to keep the company's technology and information security tools and defenses improving year after year are key to preventing or mitigating incidents when they arise, with high-quality cyber insurance in place as balance sheet protection."