Most Cyber Insurance Claims Result from Human Error

About three-quarters of cyber claims notified in 2018 to insurers involved some kind of “easily preventable” human error. Theft of funds, ransomware, extortion and non-malicious data breaches usually start with a human error or oversight, such as clicking on a phishing link.

Last year, London, UK-headquartered underwriter CFC responded to more than 1,000 cyber claims related to theft of funds, data breaches, ransomware and extortion, among others. 

Earlier this year, the insurer, which serves more than 70,000 businesses in over 80 countries, including Canada, released its 2018 cyber claims data, reporting that ransomware was the primary driver for claims in Canada. It represented 32% of all cyber claims notified in 2018, a 9% jump from 2017.

Non-malicious data breaches were the second largest cyber claim type in Canada (24%), followed by malicious data breaches (20%).

“The material impact of a cyber event is real and it is becoming increasingly clear that many events could be prevented through basic employee awareness programs on topics ranging from phishing scams to the importance of password complexity,” said James Burns, cyber product leader at CFC. 

“Cyber risk and security should be top of mind for business leaders.”

Responsibility doesn’t just lie with businesses, Burns said. Cyber insurers providers should be offering comprehensive risk management solutions that include things like cybersecurity training for employees.

“Small businesses in particular might not always have the time or resources required to seek out access to these vital tools, so a cyber insurance policy that can provide this is incredibly valuable,” he said. 

“Along with other monitoring and preparedness tools, cyber education services help keep an event from occurring in the first place and ensure businesses are better able to respond and recover if it does.”

Canadian Underwriter:

You Might Also Read:

Wanted: Clarity About Cyber Insurance Cover:

 

 

« Professionals Say Network Security is Getting Harder
Air Travel Needs Stronger Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

Industrial Cyber Security

Industrial Cyber Security

Industrial Cyber Security provides specialist consulting services in enterprise and SCADA system security.

Ethoca

Ethoca

Ethoca is a secure network for card issuers and merchants to connect and work cooperatively outside the payment network in a unique and powerful way.

Arcanum Information Security (AIS)

Arcanum Information Security (AIS)

Arcanum Information Security is a specialist Information Assurance Consultancy and a leading provider of Cyber Security services to UK Defence, UK Government, Enterprise businesses and SMEs.

Data61

Data61

Data61 is Australia’s leading digital research network offering the research capabilities, IP and collaboration programs to unleash the country’s digital & data-driven potential.

Government CSIRT - Chile

Government CSIRT - Chile

Government CSIRT is the Computer Security Incident Response Team for State networks and government cyberspace in Chile.

Moxa

Moxa

Moxa is a leading provider of industrial networking, computing, and automation solutions for enabling the Industrial Internet of Things.

WiJungle

WiJungle

WiJungle is an Indian Cyber Security Company that develops and markets a unified network security gateway solution.

Innovent Recycling

Innovent Recycling

Innovent Recycling provides a secure IT recycling & data destruction service to all types of organizations across the UK.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

International Cybersecurity Institute (ICSI)

International Cybersecurity Institute (ICSI)

ICSI is a UK company offering specialized and accredited professional qualifications in cybersecurity for young IT graduates as well as mature professionals.

PyNet Labs

PyNet Labs

PyNet Labs is a Training Company serving corporates as well as individuals across the world with ever-changing IT and technology training.

Memcyco

Memcyco

Memcyco is a provider of cutting-edge digital trust technologies to empower brands in combating online brand impersonation fraud, and preventing fraud damages to businesses and their clients.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

Pulsar Security

Pulsar Security

Pulsar Security is a team of highly skilled, offensive cybersecurity professionals with the industry's most esteemed credentials and advanced real-world experience.

HanaByte

HanaByte

HanaByte is a security consultancy focused on delivering state of the art solutions in the cloud. We specialize in delivering cloud services with an emphasis on security.