A New Approach To Cyber Security Helps Resist Extortion

Uploaded on 2023-06-07 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

Specialist insurance firm Resilience has launched the first edition of its annual Claims Report, illuminating how a new approach to cyber risk is helping to reverse the trend in ransomware attacks.

At the same time as attacks skyrocketed in late 2022 and early 2023, the Claims Report reveals that nearly 80% of organisations hit by ransomware recovered data and systems without paying a ransom, a marked improvement from current industry standards.

The cost of cyber crime is expected to reach $10.5 Trillion by 2025, outpacing investment in security and insurance by more than a factor of five. With only 65% of organisations stating that they plan to increase security spending this year, a new approach to improve cyber resiliency is needed.

The findings of this analysis shed light on effective strategies to build cyber resilience. In particular, Resilience’s  report reveals that by balancing risk acceptance, mitigation, and transfer, organisations are able to significantly strengthen their ability to recover data and maintain business operations in the face of ransomware attacks, without making an extortion payment.

“We founded Resilience because we believed that the current approach to defending the digital ecosystem was inadequate,” said Vishaal Hariprasad, co-founder and CEO of Resilience. “By bringing together risk, finance, and security roles which previously operated in silos, we can deliver a completely new approach: Cyber Resilience. Our clients’ success in mitigating the threat of ransomware validates this approach and spotlights the opportunity for the digital economy to rethink how they approach risk.”

Key Findings

The Claims Report examines the full year 2022 through the first quarter of 2023 and key finding include:  

  • Ransomware notices grew by 33% into Q3 2022 and then doubled in Q4 2022. This rapid growth held consistent in Q1 2023.
  • Among all primary claim notices, phishing is the lead point of failure (23.4% of all claims). Risk from third-party vendors is a close second at 22.1% of all claims.
  • Ransomware (17.8%) was the leading cause of loss for claims. Transfer fraud (17%) vendor data breaches (11.8%), and business email compromise (10.4%) followed.
  • 100% of Resilience Solution clients were able to avoid making an extortion payment in 2022
  • Resilience clients were half as likely to pay a ransomware extortion, compared to industry averages. 
  • In one example, an educational institution began working with Resilience following two previous breaches to improve its security posture and qualify for better insurance coverage.

Resilience partnered with this educational organisation to implement specific security controls and develop an incident response to mitigate future threats. When the organisation experienced a phishing incident one month later, the issue was resolved within days.

Despite starting with substandard security controls, Resilience was able to work with this client to restore its reputation and shore up its defences against cyber attacks.

“The cyber insurance model is broken,” said Mario Vitale, President of Resilience. “It’s stuck in analog, while the digital world is rapidly changing. We’re doing for cybersecurity what insurance companies did for property, auto, and healthcare: pair technology and finance to shape behaviour and drive better outcomes. The results are impressive, and we’re just getting started.”

The findings of Resilience’s 2022 Claims Report support their model of a holistic approach to managing risk. The company recently introduced the Resilience Solution, which builds on this model to empower organisations with a significantly easier and more effective platform for cyber risk quantification, assessment, control, and financing.

You Might Also Read: 

Take Practical Measures To Avoid An Attack:

____________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« A Decade Of ‘Bad Magic’ In Cyber Espionage
Iranian Hackers Using Windows Kernel Driver »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

Evok

Evok

EVOK is an IT Service provider specialized in installing, maintaining and supporting IT infrastructures for SMB's in Switzerland.

SecWest

SecWest

SecWest is the organizer of CanSecWest, PACSEC, originator of PWN2OWN, security auditing, and virtual engagement/training.

LIFARS

LIFARS

LIFARS is a global leader in Digital Forensics and Cyber Resiliency Services.

TES

TES

TES is a provider of IT Lifecycle Services, offering bespoke solutions that help customers manage the commissioning, deployment and retirement of Information Technology assets.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Conversant Group

Conversant Group

Conversant Group is an IT infrastructure and security consulting company, providing technical, organizational, procedural, and process consulting internationally.

Legit Security

Legit Security

Legit Security's mission is to secure every organization's software factory by protecting the pipelines, infrastructure, code and people for faster and more secure software releases.

Narf Industries

Narf Industries

Narf Industries are a small group of reverse engineers, vulnerability researchers and tool developers that specialize in tailored solutions for government and large enterprises.

ImmuneBytes

ImmuneBytes

ImmuneBytes is a cutting-edge security startup that aims to provide a secure blockchain environment for a dependable and open Web3 ecosystem.

Avint

Avint

Avint delivers transformational cybersecurity solutions that help both commercial and government entities achieve mission success.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.

Central Intelligence Agency (CIA)

Central Intelligence Agency (CIA)

The CIA is an independent agency responsible for providing national security intelligence to senior US policymakers. This includes cyber security related activities.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

D.med Software

D.med Software

D.med Software is a company with a focus on cybersecurity for embedded software and cloud applications for the medical industry.

Binarii Labs

Binarii Labs

Binarii are focused on helping enterprises to design and deploy SaaS solutions that utilise DLT (Digital Ledger Technology) effectively, efficiently and sensibly.