Organisations refuse to pay ransoms in fresh wave of attacks: Resilience

Sarah JollyMay 24, 2023

worried asian young woman looking at laptop computer with ransomware attack words on the screen at home — Credit: Shutterstock/aslysun

The majority of organisations hit by ransomware attacks (80%) recovered data and systems without paying a ransom as attacks “skyrocketed”, according to cyber risk firm Resilience. Ransomware attacks doubled in frequency in the last quarter of 2022 and into Q1 2023, Resilience said, but new approaches to cyber risk have helped organisations fend off ransom demands.

Publishing its first annual claims report, Resilience said: “By balancing risk acceptance, mitigation, and transfer, organisations are able to significantly strengthen their ability to recover data and maintain business operations in the face of ransomware attacks, without making an extortion payment.”

The report states none of Resilience’s clients made an extortion payment in 2022, and it claimed Resilience clients were half as likely to pay a ransom to recover systems in a cyberattack compared to industry averages.

CEO of Resilience Vishaal Hariprasad said: “By bringing together risk, finance, and security roles that previously operated in silos, we can deliver a completely new approach: cyber resilience. Our clients’ success in mitigating the threat of ransomware validates this approach and spotlights the opportunity for the digital economy to rethink how they approach risk.”

Ransomware remained the leading cause of loss for claims at 17.8%, according to Resilience’s report, followed closely by transfer fraud at 17%, vendor data breaches at 11.8% and business email compromise at 10.4%.

The report found phishing is the lead point of failure, based on primary claim notices, at 23.4%, followed by risk from third-party vendors at 22.1% of claims.

“The cyber insurance model is broken,” said Mario Vitale, president of Resilience. “It’s stuck in analogue, while the digital world is rapidly changing. We’re doing for cybersecurity what insurance companies did for property, auto, and healthcare: pair technology and finance to shape behaviour and drive better outcomes. The results are impressive, and we’re just getting started.”

Sarah JollyMay 24, 2023

Organisations refuse to pay ransoms in fresh wave of attacks: Resilience

Read Next

Insurtech partners with USAID on climate adaptation programme

ICEYE in data collaboration with Juniper Re on flood and wildfire

Senior appointments in Lockton’s crisis management team

European rates up overall but financial and cyber lines falling: Marsh

European Parliament approves regulation to tackle forced labour

Insurtech partners with USAID on climate adaptation programme

ICEYE in data collaboration with Juniper Re on flood and wildfire

Senior appointments in Lockton’s crisis management team

European rates up overall but financial and cyber lines falling: Marsh

European Parliament approves regulation to tackle forced labour

Read Next

Insurtech partners with USAID on climate adaptation programme

ICEYE in data collaboration with Juniper Re on flood and wildfire

Senior appointments in Lockton’s crisis management team

European rates up overall but financial and cyber lines falling: Marsh

European Parliament approves regulation to tackle forced labour

Related Articles