Rise in ransomware accelerates cyber insurance adoption

Security operations company Arctic Wolf has released its annual State of Cybersecurity 2024 report, revealing significant global trends and regional differences in cybersecurity measures and risks. The report is based on a comprehensive survey conducted by Sapio Research, comprising over 1,000 senior IT and cybersecurity decision-makers from more than fifteen countries.

The global findings indicate that the escalation in ransomware incidents has rapidly accelerated the adoption of cyber insurance as businesses seek to better manage potential risks. Locally, in Australia and New Zealand (A/NZ), data breaches have driven cybersecurity objectives, with a higher rate of respondents reporting breaches in the past year. Data integrity preservation emerged as the top priority for A/NZ organisations, in contrast to global priorities where it ranks third.

Regarding cyber insurance trends in the A/NZ region, the survey highlights that the costs or potential loss of policy status are the primary factors influencing cybersecurity strategies. However, rising premiums are less of a deterrent compared to global trends, suggesting a more proactive approach towards maintaining active policies.

The report identified Business Email Compromise (BEC) attacks as the top method of attack, with nearly 70% of organisations targeted and 29% experiencing successful breaches. The rise in ransomware attacks was also notable, with 45% of respondents indicating their organisations had been targeted in the last 12 months, with 86% of these attacks resulting in successful data exfiltration.

In terms of transparency, the report found that regulatory pressures are driving organisations towards greater openness following breaches. Two-thirds of breached organisations publicly disclosed the incidents, while 30% communicated the breaches only to the affected parties.

The demand for cyber insurance continues to grow, with a vast majority of organisations either holding an active policy or planning to obtain one this year. Only a small fraction, 5%, have opted not to secure cyber insurance coverage, highlighting its role as an essential component of risk management strategies.

Additionally, the growing use of generative AI and large language models (LLM) has prompted 94% of organisations to either implement or plan to establish adoption and usage policies within the year. This underlines a keen awareness of the potential risks and regulatory challenges associated with such advanced technologies.

Ian McShane, Vice President of Managed Detection and Response (MDR) at Arctic Wolf, commented on the findings, "This year's insights highlight the increasing sophistication of threat actors and the realities of cyber incidents for organisations around the world. Attackers are focusing on the human element, as evidenced by the overwhelming targeting via Business Email Compromise. No matter the method of intrusion, the stakes are even higher for business leaders as most successful ransomware attacks involve data exfiltration."

He added, "While we are encouraged by the increased adoption of cyber insurance and incident response readiness programs, it is clear that there is still work to be done to overcome perennial challenges for cybersecurity leaders, including increased financial and productivity losses due to ransomware."

The State of Cybersecurity: 2024 Trends Report provides essential insights for security executives and practitioners to help their organisations deliver positive security outcomes amid evolving threats. It is seen as a crucial resource for understanding and navigating the complexities of the modern cybersecurity landscape.