During the first half of 2022, the average cost of a claim for a small business owner increased to $139,000, which is 58% higher than levels during the first half of 2021.
“Across industries, we continue to see high-profile attacks targeting organisations with weak or exposed infrastructure — which has become exacerbated by today’s remote working culture and companies’ dependence on third-party vendors,” said Catherine Lyle, Coalition’s Head of Claims. “Small businesses are especially vulnerable because they often lack resources. For these businesses, avoiding downtime and disruption is essential, and they must understand that Active Insurance is accessible.”
The good news: both Coalition and the broader insurance industry observed a decrease in ransomware attack frequency and the amount of ransom demanded between the second half of 2021 and the first half of 2022. Ransomware demands decreased from $1.37M in H2 2021 to $896,000 in H1 2022. Of the incidents that resulted in a payment, Coalition negotiated down to roughly 20% of the initial demand.
More good news: Coalition policyholders experienced 50% fewer claims compared to the broader market. The severity of these claims has also declined, with 45% of incidents resolved at no cost. The substantial decrease in overall claims stems from Coalition’s combination of cybersecurity tools, including active monitoring and alerting, access to digital forensics and incident response, and broad insurance coverage.
“Organisations are increasingly aware of the threat ransomware poses. They have started to implement controls such as offline data backups that allow them to refuse to pay the ransom and restore operations through other means,” said Chris Hendricks, Coalition’s Head of Incident Response. “As ransomware is on the decline, attackers are turning to reliable methods. Phishing, for example, has skyrocketed – and only continues to grow.”
Other key findings:
- Phishing triggers the majority of cyber incidents, accounting for 57.9% of reported claims,
- Cyber gangs have built a thriving business,
- Funds transfer fraud (FTF) claims have held steady thanks to phishing, and
- Microsoft Exchange has become the vulnerability that persists.
To produce this report, Coalition analysed claims data from the 160,000+ organisations it protects for the first half of 2022. By performing billions of security scans across the public internet, sending thousands of critical security alerts, and investigating cyber incidents, Coalition creates a picture of the industry landscape that empowers organisations to understand risk better, allowing the company to defend policyholders better as a result. The data in this report is an aggregation of claims and incident data, including the highest profile claim events and cyber attacks that continue to pose risks to all businesses.
Click here to download the full 2022 Cyber Claims Report: Mid-year Update. To learn more about Coalition, visit coalitioninc.com.
About Coalition
Coalition is the leading provider of cyber insurance and security, combining comprehensive insurance and proactive cybersecurity tools to help businesses manage and mitigate cyber risk. Through its partnerships with leading global insurers, including Arch Insurance North America, Allianz, Ascot Group, Lloyd’s of London, Swiss Re Corporate Solutions, and Vantage, Coalition offers its Active Insurance products in the U.S., U.K., and Canada, and its security products to organizations worldwide. Coalition’s Active Risk Platform provides automated security alerts, threat intelligence, expert guidance, and cybersecurity tools to help businesses remain resilient in the face of cyber attacks. Headquartered in San Francisco, Coalition is a distributed company with a global workforce that collaborates both digitally and in office hubs.