A recent report from BakerHostetler, "Be Compromise Ready: Go Back to the Basics," the 2017 Data Security Incident Response Report, contains some interesting statistics, trends and findings, including a recommendation to purchase Cyber Risk Insurance (also called Data Breach, Privacy and Network Security insurance coverage).
The report notes that cyber incidents were spread across all industries, although some more than others, and across organizations of all sizes. Causes were as expected: 43% of the incidents were caused by phishing/hacking/malware and 32% by an employee action or mistake. And 10% of all incidents involved ransomware, which we find surprisingly low (see below).
While ransomware has existed in one form or another since 1989, the past two years have seen a tremendous increase in the frequency and variety of attacks… We expect ransomware incidents to continue to rise.
Healthcare was the industry with the greatest number of incidents in 2016, accounting for about 35% of all incidents, up from 23% in the prior year. The driver is the high value of healthcare records, which is consistent with the reported current high value of income tax records obtained from accountants and the recent increase in attacks on accountants.
The retail/restaurant/hospitality industry had the highest severity, with an average breach size of almost 300,000 records. The average breach size for healthcare is approximately 60,000 records.
How useful is this data? The information is helpful, but averages tend to be skewed by the numbers and by the data collected. In particular, the lack of reporting of small breaches and the impact of the really large breaches may skew the data in this report – we don’t know. The increase in ransomware and cyber crime attacks does not seem to be fully incorporated into the data, but these claims are often not reported. And the lowest size breakpoint used in the report is 100 million in revenues, which suggests that cyber incidents at smaller organizations may not be fully included in the data. However, the compilation of data is very informative, and the key findings (recommendations) at the end are important:
- Increase Awareness of Cybersecurity Issues
- Identify and Implement Basic Security Measures
- Create a Forensic Plan
- Build Business Continuity Into Your Incident Response Plan (IRP)
- Manage Your Vendors
- Prepare for Ransomware
- Purchase the Right Cyber Insurance Policy
In addition to strong IT security, Cyber Risk Insurance is an important financial protection against hacking attacks. Coverages vary widely, but comprehensive Cyber Risk Insurance policy forms are available.
Tennant Risk Services is a specialty wholesale broker and underwriting manager that delivers expertise, markets and exemplary services to our retail insurance agent clients in the placement of professional liability and specialty insurance (E&O, D&O, EPL, Cyber Risk, Specialty). Cyber Risk Insurance is our specialty, and we excel at hard-to-place accounts.