It’s in the news daily - data breaches cost American companies billions of dollars annually. Over the past 12 months, cybercriminals have moved away from selling stolen data on the dark web toward even quicker payouts via ransomware and email compromise.
Small businesses remain vulnerable to cyberattacks, and even a relatively minor cyber event can be costly. The median cost of a data breach to a small business is nearly $40,000, and the average cost is more than triple that, at $134,000. As company size increases, the costs rise steeply. [1] Knowing the types of attacks that occur is as important as knowing the right steps to prevent and mitigate them. Companies may be aware of the risk but have no idea what to do about it. Fortunately, many options exist to help prevent and respond to threats in this evolving cybercrime landscape.
The following is a summary of a few of the cybercrime trends affecting commercial lines of insurance, as well as some steps to help prevent and mitigate them.
Personal Data Theft
Many types of scams exist to steal personal identifiers with the ultimate goal of financial fraud. Complicating the problem is that some forms of fraud can go undetected for many years, as criminals use victims’ Social Security numbers to take out loans, open new accounts, or fraudulently receive medical care.
Mitigation/Prevention
The best offense against theft is a good technical defense:
- Confirm that your business software has built-in security options
- Implement a routine patch installation management plan
- Regularly run penetration testing and vulnerability assessments
- Ensure that you apply two-factor wire transfer verification procedures
Illicit Cryptomining or Cryptojacking
CyberScout predicts a shift from traditional cyber-attack methods to a new one called illicit cryptomining. This occurs when a hacker uses a device to mine cryptocurrency without the user’s consent. Using this sophisticated method, criminals hijack computer processing power from corporate or personal-use systems. The most common form of illicit cryptocurrency mining (or cryptojacking) makes use of malware - covert software that can be run secretly on a computer without the user’s knowledge. Unlike other types of malware, cryptojacking scripts do not steal the victims’ data stored on the computer. Instead, cryptojacking can drain computing power and damage a business’s computer systems without the business knowing. Most cryptomining targets don’t realize they’re affected unless their computers slow down, so productivity and resources are wasted over time.
Mitigation/Prevention
- Evaluate organizational computing processes and performance weekly
- Install an ad-blocking or anti-cryptomining extension onto web browsers [2]
- Incorporate the cryptojacking threat into your security awareness training
- Keep your web filtering tools up to date
Improper Data Disposal
This type of cybercrime decreased in 2018. With increased regulatory scrutiny of data breaches, organizations have become more educated on the right way to dispose of unnecessary data. Also, a move toward virtual data storage in the cloud reduces the chance that data on paper records or hard drives will be lost through theft or improper disposal. If your company still uses hard drives and paper records, be sure to take data security precautions.
Mitigation/Prevention
- Move as much data as possible to secure virtual storage
- Properly dispose of hard drives and paper records
Conclusion
When looking to safeguard systems and reduce cyber risk, companies must learn what “best in class” cyber risk prevention looks like. This means ranking security over convenience - doing things safely instead of doing things quickly. Businesses must offer ongoing education to all employees about security best practices as well as invest in preventative technology and procedures. Yes, cyber events will continue to be a challenge, but creating trusted partnerships with insurers and cybersecurity vendors can begin to shift the tide.
Endnotes
1. NetDiligence 2018 Cyber Claims Study. Median and average costs are for a “nano” size company, defined as having under $50 million in annual revenue.
2. www.csoonline.com/article/3253572/what-is-cryptojacking-how-to-prevent-detect-and-recover-from-it.html
About the Author
Eric Warbasse leads the insurance and emerging markets business development teams at CyberScout. He has more than 20 years of management and leadership experience. Eric is passionate about creating solutions that reduce cyber risks and maximize value for institutions of all sizes and industries.