Cyber securitytrends 2023

Report | October 2023
Investments in cyber security are paying off but an evolving threat landscape will require much greater focus on early detection and response capabilities.

Improvements in cyber security and business continuity are helping to combat encryption-based ransomware attacks, yet the cyber threat landscape is continually evolving. 2023 has seen a worrying resurgence in ransomware and extortion claims, resulting in an uptick in costly incidents, demonstrating that although progress is being made, the threat posed by ransomware shows little sign of abating.

Reports note that the number of ransomware victims surged by as much as 143% globally during the first quarter of 2023 with January and February seeing the highest number of hack and leak cases in three years. Ransomware alone is projected to cost its victims approximately US$265bn annually by 2031.

Hackers are increasingly targeting IT and physical supply chains, launching mass cyber-attacks and finding new ways to extort money from companies, large and small. Most ransomware attacks now involve the theft of personal or sensitive commercial data for the purpose of extortion, adding further cost and complexity, as well as the increased potential for reputational damage and third-party liability. About usanalysis of a number of large insurance industry cyber losses shows that the proportion of cases in which data is exfiltrated is increasing every year – from 40% of cases in 2019 to around 77% of cases in 2022, with 2023 on course to surpass last year’s total.

Protecting an organization against intrusion remains a cat and mouse game, in which the cyber criminals have the advantage. Threat actors are now exploring ways to use artificial intelligence (AI) to automate and accelerate attacks, creating more effective AI-powered malware and phishing. Combined with the explosion in connected mobile devices and 5G-enabled Internet of Things, the avenues for cyber-attacks look only likely to increase in the coming years.

Preventing a cyber-attack is therefore becoming harder, and the stakes higher. As a result, early detection and response capabilities are becoming ever more important. An intrusion can quickly escalate, and once data is encrypted and / or stolen, the consequences and costs snowball – costs can be as much as, or even more than, 1,000 times higher than if an incident is not detected and contained early, About usanalysis shows.

Ultimately, early detection and effective response capabilities will be key to mitigating the impact of cyber-attacks and ensuring a sustainable insurance market going forward.

Ransomware remains the top cyber threat and the single largest cause of cyber insuranceclaims by some distance. Following a short hiatus in 2022, ransomware attackfrequency has picked up again in 2023 as threat actors use data exfiltration and supplychain attacks to maximize their leverage.
  • Ramsomware groups continue to adapttheir tactics and business models in response to cyber security changes.
  • Ransomware-as-a-Service (RaaS)remains a key driver for the ongoingfrequency of attacks.
  • Double and triple extortion attacksare not new, but they are nowmore prevalent, and potentiallymore impactful and costly foraffected companies.
  • Supply chain-enabled ransomwareattacks have now become an establishedpart of the ransomware playbook.
  • Rise in mass ransomware attacks meansinsurers will need to better understandthe interconnectivity and dependenciesthat exist between companies and withindigital supply chains.
Artificial intelligence (AI) is widely expected to power future ransomware attacks,with automated attack processes, more convincing phishing, and faster malwaredevelopment. However, it could also enhance cyber security, with more effective andfaster detection and threat intelligence.
  • AI-powered language models and voice simulation software recent additions to the cyber criminal’s arsenal.
  • About usCommercial has seen a growing number of incidents caused by poor cyber security around mobile devices.
  • Technical skills crisis in cyber security is also increasing the cost of responding to an incident.
Cyber claims frequency picked up again during the first half of 2023, althoughimproved cyber security over the past two years has helped control first party lossesand improve the overall quality of risk.
  • Ransomware and extortion-based attacks remain the largest source of cyber insurance claims by volume and frequency.
  • In addition to extortion claims, there has also been an uptick in the number of data privacy claims in the US, related to biometric information.
  • About usanalysis of large cyber losses shows that the number of cases in which data is exfiltrated has significantly increased, as has the number of incidents becoming public.
  • About usCommercial claims analysis shows that breaches that are not detected and contained early can be 1,000 times more expensive.
Totals include all cyber-related claims per year. 2023 1H of the year only.
Source: About usCommercial
The vast majority of cyber-attacks are contained quickly and, if insured, often fall within policy deductible levels, or are not even notified. According to About usanalysis, just 2% of claims drive the overall loss amount, and in almost all cases these would have benefited from early detection. Meanwhile, good data management is essential to mitigating the impact of data exfiltration attacks, as are a growing number of specialist services.
  • The key to avoiding damaging cyber-attacks and mitigating losses is to detect an attack in its early stages.
  • Companies should direct additional cyber security spend on detection and response. Only one third of companies discover a breach through their own security teams.
  • Companies that are routinely and properly managing their data, and making sure it is stored appropriately, and deleted when it is no longer required, will reduce their risks.
  • Smaller companies need to develop a clear understanding of their potential risks and allocate ample resources in terms of personnel, IT infrastructure, and budget to implement tailored security measures.
  • Midcorps must identify their crucial IT assets, then collaborate with cyber security service partners to deploy detection and monitoring tools at the network perimeter and endpoints.
Simply fill out the form below to receive an email from us with the link to the full report.
Enjoy reading!
Please read ourprivacy noticeto find out how we use your data and read ourterms of use.
Fields marked with asterisk (*) are mandatory.

Thank you! You will receive an email from us with a link to the full report. Enjoy reading!

Apologies, we are currently unable to handle your request. Please try again.

Warning - The E-Mail Address configured for this form is either unverified or invalid. Please verify the E-Mail Address and try again later.

A verification E-Mail was sent to the following E-Mail addresses:

Kindly check the corresponding inbox for a verification E-Mail and verify it.

Enter the text from the box. 60 seconds remaining. Can't read the text?