Cyber Attacks Cause Catastrophic Business Loss

A report from the US Government Accountability Office (GAO) has warned that private insurance companies are increasingly backing out of covering damages from major cyber attacks, leaving American businesses facing “catastrophic financial loss” unless another insurance model can be found. 

“Cyber insurance can help offset costs of some common cyber risks, like data breaches or ransomware. Cyber risks are growing, and cyber attacks targeting critical infrastructure, like utilities or financial services, could affect entire systems and result in catastrophic financial loss,” says the GAO Report.

The growing challenge of covering cyber risk is examined in the GAO report, which calls for a government assessment of whether a federal cyber insurance option is needed. The GAO report draws on threat assessments from the National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), Cybersecurity and Infrastructure Security Agency (CISA), and Department of Justice to quantify the risk of cyber attacks on critical infrastructure, identifying vulnerable technologies that might be attacked and a range of threat actors capable of exploiting them.

Referring to the current ODNI Annual Threat Assessment Report, the GAO report finds that hacking groups linked to Russia, China, Iran, and North Korea pose the greatest threat to US infrastructure, along with certain non-state actors like organised cybercriminal gangs. “Although federal agencies do not have a comprehensive inventory of cybersecurity incidents,” the report reads, “several key federal and industry sources show an increase in most types of cyberattacks across the United States, including those affecting critical infrastructure, and significant and increasing costs for cyber attacks.”

In 2016, US businesses and public bodies were hit with a total of 19,060 incidents in the four major categories (ransomware, data breaches, business email compromise, and denial of service attacks), with a total cost of $470 million, per a GAO analysis of FBI reports. In 2021, there were 26,074 incidents, and the total cost was close to $2.6 billion.

According to the US Department of the Treasury, some insurers have also been mitigating their exposure by lowering the maximum amount that a policy will pay out in the case of a cyber attack as well as increasing premiums to protect themselves from losses.

The GAO also found further evidence that some insurance companies are pulling back from coverage in infrastructure sectors entirely, judging the risk of attack as too high. Overall, the GAO report suggests that CISA and the Federal Insurance Office undertake an assessment into whether the above factors necessitate a federal insurance response along the lines of FDIC insurance for bank deposits and the National Flood Insurance Program.

Sources: US GAO, US DNI, The Verge, ZDNet, CPS-VO, InsideERA
