With three quarters’ worth of data now available for 2022, we can see a decline in system infiltration as a cause of loss from 2021 to 2022 for all industries except healthcare. Though there are many factors that drive the ebb and flow of incidents, we’d like to think that greater recognition of, and efforts towards, cybersecurity by policyholders have played a role in this shift – and we encourage continued diligence in this area.
It's worth noting here that deficient asset management practices can certainly expose an organization to system infiltration. Read on to learn more about how your organization can protect itself through good asset management.
Despite an overall decline in incidents, fraudulent instruction is on the rise. Professional service firms experienced more fraudulent instruction and almost as many business email compromise incidents so far in 2022 as in the whole of 2021.
Ransomware vectors are volatile as always, with phishing holding steady in the last two quarters. The rise in unknown vectors can be attributed to several sources. Organizations may rush to rebuild in an effort either to restore systems or to contain the attack, but that can destroy valuable sources of data that would help determine how the intrusion occurred and what the threat actor did. Poor log configuration or retention practices may also play a part. Finally, threat actors are increasingly using anti-forensics techniques to obscure their activities – an important reminder that a defense-in-depth approach is more essential than ever for organizations to prevent malicious activity after an intrusion and to remain resilient.
We continue to see the rise in business email compromise risk for professional services that we noted after Q1, with healthcare and financial institutions (FI) continuing to be targets. Mitigation is a matter of not only technology (e.g., better identity and access management and email security) but also people (training) and process (out-of-band verification, etc.).
After a drop in Q1, data exfiltration as part of a cyber extortion incident has increased steadily each quarter to reach a new high in Q3. See our last Cyber Services Snapshot for a wealth of information about the increasing complexities of extortion.
The information set forth in this document is intended as general risk management information. It is made available with the understanding that Beazley does not render legal services or advice. It should not be construed or relied upon as legal advice and is not intended as a substitute for consultation with counsel. Beazley has not examined and/or had access to any particular circumstances, needs, contracts and/or operations of any party having access to this document. There may be specific issues under applicable law, or related to the particular circumstances of your contracts or operations, for which you may wish the assistance of counsel. Although reasonable care has been taken in preparing the information set forth in this document, Beazley accepts no responsibility for any errors it may contain or for any losses allegedly attributable to this information.