Most Cyber Insurance Claims Result from Human Error

About three-quarters of cyber claims notified in 2018 to insurers involved some kind of “easily preventable” human error. Theft of funds, ransomware, extortion and non-malicious data breaches usually start with a human error or oversight, such as clicking on a phishing link.

Last year, London, UK-headquartered underwriter CFC responded to more than 1,000 cyber claims related to theft of funds, data breaches, ransomware and extortion, among others. 

Earlier this year, the insurer, which serves more than 70,000 businesses in over 80 countries, including Canada, released its 2018 cyber claims data, reporting that ransomware was the primary driver for claims in Canada. It represented 32% of all cyber claims notified in 2018, a 9% jump from 2017.

Non-malicious data breaches were the second largest cyber claim type in Canada (24%), followed by malicious data breaches (20%).

“The material impact of a cyber event is real and it is becoming increasingly clear that many events could be prevented through basic employee awareness programs on topics ranging from phishing scams to the importance of password complexity,” said James Burns, cyber product leader at CFC. 

“Cyber risk and security should be top of mind for business leaders.”

Responsibility doesn’t just lie with businesses, Burns said. Cyber insurers providers should be offering comprehensive risk management solutions that include things like cybersecurity training for employees.

“Small businesses in particular might not always have the time or resources required to seek out access to these vital tools, so a cyber insurance policy that can provide this is incredibly valuable,” he said. 

“Along with other monitoring and preparedness tools, cyber education services help keep an event from occurring in the first place and ensure businesses are better able to respond and recover if it does.”

Canadian Underwriter:

You Might Also Read:

Wanted: Clarity About Cyber Insurance Cover:

 

 

« Professionals Say Network Security is Getting Harder
Air Travel Needs Stronger Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

44CON

44CON

44CON is an Information Security Conference & Training event taking place in London. Designed to provide something for the business and technical Information Security professional.

Jones Day

Jones Day

Jones Day is an international law firm based in the United States. Practice areas include Cybersecurity, Privacy & Data Protection.

Outpost24

Outpost24

Outpost24 provides easy to deploy and intuitive solutions to continuously identify, remediate and mitigate vulnerabilities in your network.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

Cybercrowd

Cybercrowd

Cybercrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

Galois

Galois

Galois specializes in the research and development of new technologies that solve the most difficult problems in computer science.

Pentagon Group

Pentagon Group

Pentagon Group is a provider of security services in high-risk environments, remote areas and emerging markets in support of land-based, aviation, maritime and cyber operations.

Quadible

Quadible

Quadible BehavAuth is an AI-platform that continuously authenticates the users, without the need of any input, by learning their behavioural patterns.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

Vector Informatik

Vector Informatik

Vector Informatik is a specialist in automotove electronics and provides services, embedded software and tools for securing embedded systems against cyber-attacks.

Darkbeam

Darkbeam

Darkbeam provides a unified solution to protect against security, brand and compliance risks across your digital infrastructure.

PhishProtection

PhishProtection

We created Phish Protection to prevent all types of phishing including spear phishing protection and office 365 email protection for your small business.

CybersCool Defcon

CybersCool Defcon

CybersCool is committed to educate and train, re-skill and up-skill the current workforce of various industries and businesses in the knowledge and know-how of cybersecurity.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

Anzen Technology Systems

Anzen Technology Systems

Anzen create software solutions which allows organisations to utilize the public cloud for sensitive or classified information, whilst increasing data security and retaining data sovereignty.

CODA Intelligence

CODA Intelligence

CODA's AI-powered attack surface management platform helps you sort out the important remediations needed in order to avoid exploits on your systems.