Most Cyber Insurance Claims Result from Human Error

About three-quarters of cyber claims notified in 2018 to insurers involved some kind of “easily preventable” human error. Theft of funds, ransomware, extortion and non-malicious data breaches usually start with a human error or oversight, such as clicking on a phishing link.

Last year, London, UK-headquartered underwriter CFC responded to more than 1,000 cyber claims related to theft of funds, data breaches, ransomware and extortion, among others. 

Earlier this year, the insurer, which serves more than 70,000 businesses in over 80 countries, including Canada, released its 2018 cyber claims data, reporting that ransomware was the primary driver for claims in Canada. It represented 32% of all cyber claims notified in 2018, a 9% jump from 2017.

Non-malicious data breaches were the second largest cyber claim type in Canada (24%), followed by malicious data breaches (20%).

“The material impact of a cyber event is real and it is becoming increasingly clear that many events could be prevented through basic employee awareness programs on topics ranging from phishing scams to the importance of password complexity,” said James Burns, cyber product leader at CFC. 

“Cyber risk and security should be top of mind for business leaders.”

Responsibility doesn’t just lie with businesses, Burns said. Cyber insurers providers should be offering comprehensive risk management solutions that include things like cybersecurity training for employees.

“Small businesses in particular might not always have the time or resources required to seek out access to these vital tools, so a cyber insurance policy that can provide this is incredibly valuable,” he said. 

“Along with other monitoring and preparedness tools, cyber education services help keep an event from occurring in the first place and ensure businesses are better able to respond and recover if it does.”

Canadian Underwriter:

You Might Also Read:

Wanted: Clarity About Cyber Insurance Cover:

 

 

« Professionals Say Network Security is Getting Harder
Air Travel Needs Stronger Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cleo

Cleo

Cleo is a leader in secure information integration, enabling both ease and excellence in business data movement and orchestration.

Eustema

Eustema

Eustema designs and manages ICT solutions for medium and large organizations.

Intezer Labs

Intezer Labs

The only solution replicating the concepts of the biological immune system into cyber-security. Intezer provides enterprises with unparalleled Threat Detection and accelerates Incident Response.

CERT.lu

CERT.lu

CERT.lu is an initiative to enhance cyber security practices and techniques, and support security professionals in Luxembourg.

SenseOn

SenseOn

SenseOn’s multiple threat-detection senses work together to detect malicious activity across an organisation’s entire digital estate, covering the gaps that single point solutions create.

Information & eGovernment Authority (iGA) - Bahrain

Information & eGovernment Authority (iGA) - Bahrain

The Information & eGovernment Authority facilitates many services catering to different parts of the community within the IT sector in Bahrain including information security.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

IFE Digital Systems

IFE Digital Systems

IFE Digital Systems conducts research, development and consultancy in risk, safety and security related to digital systems in critical infrastructure.

SpyCloud

SpyCloud

SpyCloud is a leader in account takeover (ATO) prevention, protecting billions of consumer and employee accounts either directly or through product integrations.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

Glocomp Systems

Glocomp Systems

Glocomp Systems is one of Malaysia’s premier ICT infrastructure distributor offering a comprehensive portfolio of solutions including cybersecurity and privacy.

Armolon

Armolon

Armolon provides comprehensive data breach and cybersecurity, as well cybersecurity audits and certifications, and disaster recovery/business continuity services to clients.

CYBHORUS

CYBHORUS

CYBHORUS are a team of Italian cyber security experts, specialized in cyber threat defense and strategic and organizational consulting.

vpnMentor

vpnMentor

We started vpnMentor to offer users a really honest, committed and helpful tool when navigating VPNs and web privacy.

Issue53

Issue53

Issue53 is a complete technology solution provider offering Managed IT services, Network Security, Cloud Computing, and Data Backup and Recovery.