Most Cyber Insurance Claims Result from Human Error

About three-quarters of cyber claims notified in 2018 to insurers involved some kind of “easily preventable” human error. Theft of funds, ransomware, extortion and non-malicious data breaches usually start with a human error or oversight, such as clicking on a phishing link.

Last year, London, UK-headquartered underwriter CFC responded to more than 1,000 cyber claims related to theft of funds, data breaches, ransomware and extortion, among others. 

Earlier this year, the insurer, which serves more than 70,000 businesses in over 80 countries, including Canada, released its 2018 cyber claims data, reporting that ransomware was the primary driver for claims in Canada. It represented 32% of all cyber claims notified in 2018, a 9% jump from 2017.

Non-malicious data breaches were the second largest cyber claim type in Canada (24%), followed by malicious data breaches (20%).

“The material impact of a cyber event is real and it is becoming increasingly clear that many events could be prevented through basic employee awareness programs on topics ranging from phishing scams to the importance of password complexity,” said James Burns, cyber product leader at CFC. 

“Cyber risk and security should be top of mind for business leaders.”

Responsibility doesn’t just lie with businesses, Burns said. Cyber insurers providers should be offering comprehensive risk management solutions that include things like cybersecurity training for employees.

“Small businesses in particular might not always have the time or resources required to seek out access to these vital tools, so a cyber insurance policy that can provide this is incredibly valuable,” he said. 

“Along with other monitoring and preparedness tools, cyber education services help keep an event from occurring in the first place and ensure businesses are better able to respond and recover if it does.”

Canadian Underwriter:

You Might Also Read:

Wanted: Clarity About Cyber Insurance Cover:

 

 

« Professionals Say Network Security is Getting Harder
Air Travel Needs Stronger Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Ridgeback Network Defense

Ridgeback Network Defense

Ridgeback is an enterprise security software platform that defeats malicious network invasion in real time. Ridgeback champions the idea that to defeat an enemy you must engage them.

Syhunt Security

Syhunt Security

Syhunt is a leading player in the web application security field, delivering its assessment tools to a range of organizations across the globe.

ENLIGHTENi

ENLIGHTENi

ENLIGHTENi are the platform to develop next-gen talent in Technology, Risk, and Cybersecurity. Our mission is to develop next-gen talent through challenge-based learning and team collaboration.

Root9B (R9B)

Root9B (R9B)

R9B offers advanced cybersecurity products, services, and training to enhance the way organizations protect their networks.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

PurpleSynapz

PurpleSynapz

PurpleSynapz provides hyper-realistic Cyber Security Training with a modern curriculum and Cyber Range.

Seknox

Seknox

Seknox TRASA™ protects your business from insider threats.

Infosec Cloud

Infosec Cloud

Infosec Cloud is a specialist Cyber Security company offering fully managed Training & Testing Services in addition to market leading Cyber Security technology and accredited professional services.

MoogleLabs

MoogleLabs

MoogleLabs leverage AI/ML, Blockchain, DevOps, and Data Science to come up with the best solutions for diverse businesses.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

Yotta Infrastructure Solutions

Yotta Infrastructure Solutions

Yotta Infrastructure, a Hiranandani group company, provide Datacenter Colocation and Tech Services such as Cloud services, Network & Connectivity, IT Security and IT Management services.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Integris

Integris

Integris offers best-in-class services like dedicated vCIOs, specialized security and compliance advisory services, a 24/7 help desk, and more.

TempoCap

TempoCap

TempoCap is a European growth-stage technology fund with offices in London and Berlin. We invest across a variety of high- growth sectors including cybersecurity.

Delta Partners

Delta Partners

Delta Partners is a venture capital firm investing in Ireland and the United Kingdom with a strong focus on early stage technology companies.