Sep 04, 2024
AI Social Engineering Scams Are a Growing RiskMost businesses don’t question the need for property insurance or general liability insurance. With ransomware, data breach, and online fraud threats mounting, cyber insurance is becoming another staple of commercial insurance coverage. By offering cyber policies to your clients, you can help protect them before, during, and after a cyber incident.
Cyberattacks Devastate Businesses
Businesses of all sizes and in every industry can suffer cyberattacks. Even small businesses are vulnerable. According to Verizon, many small business owners believe they won’t be targeted, whereas, in reality, small businesses are the primary target for cybercriminals, representing 43% of all data breaches. Small businesses have customer data that hackers want and often lack the sophisticated security of larger businesses, making them attractive to criminals.
When a cyberattack occurs, a company’s IT system isn’t the only thing at risk. Cyberattacks can lead to major financial losses, disrupt operations, harm the company’s reputation, and even expose the company to regulatory action due to data privacy and protection laws.
IBM’s 2023 Cost of a Data Breach Report shows that the average cost of a data breach has increased by 15% since 2020, reaching $4.45 million in 2023. It takes an average of 214 to 322 days to identify and contain a data breach. During this time, businesses may be unable to operate normally, which leads to lost revenue.
Cybercriminals Are Upping Their Game
The Q3 2023 ransomware report from Corvus showed a 95% year-over-year increase in ransomware attacks. However, attack frequency isn’t the only thing businesses need to worry about: cybercriminals are also adopting new techniques that make their attacks more effective.
Many of the new strategies involve AI-powered tools. The National Cyber Security Centre says hackers are already using AI in cybercrime and it will likely cause cyberattacks to increase in both volume and impact over the next two years.
For example, hackers can leverage new generative AI tools to make phishing attacks more successful. According to TechTarget, generative AI can make phishing emails and other messages more convincing by eliminating spelling and grammatical errors, large language models can leverage current information to make messages more urgent, and AI chatbots can create business email campaigns faster than humans can.
Cybercriminals can also leverage voice and even video cloning tools to make imposter scams much more convincing. Imagine receiving a phone call from a scammer who sounds exactly like your boss, telling you to make a wire transfer. According to The Street, since voice cloning is already easily accessible, these types of scams are a real possibility.
Proactive Risk Management Makes a Difference
As criminals are typically looking for quick cash, they often target the easiest victims. Businesses can protect themselves from cyberattacks by ensuring they’re not the lowest hanging fruit. If an attack does occur, proactive risk management can facilitate a fast response that minimizes losses and downtime.
Here are three key ways businesses can control their cyber losses:
- Leveraging technology. Basic cybersecurity includes things like firewalls, antivirus software, regular software updates, data encryption, and secure network settings. However, as cybercriminals adopt more sophisticated technology, businesses should do the same. IBM says organizations that leverage AI and automation to boost cybersecurity save an average of $1.76 million.
- Investing in education. IBM says 41% of attacks used phishing as an infection vector, whereas the IC3 says business email compromise scams led to losses of more than $2.7 billion in 2022. Since many attacks rely on social engineering, worker education is a critical aspect of cybersecurity.
- Monitoring and responding. Monitoring your systems for signs of an infection and having a response plan ready can mean you minimize the losses associated with an attack and comply with data breach notification requirements.
The Role of Cyber Insurance
Many businesses need help launching a cyberattack counteroffensive. Cyber insurance can provide that support.
A cyber insurance payout can cover many expenses incurred during an attack, including the interruption to business, forensic investigations, data recovery, cyber extortion, litigation, and regulatory fees. This can help businesses recover from an attack. Although this alone may make cyber insurance a worthwhile investment, many policies also offer risk management support to help businesses prevent attacks and minimize losses if an attack occurs.
Tangram offers cyber insurance that includes coverage for social engineering fraud, ransomware losses, and telecommunications theft losses. Our program also provides breach preparedness information services. Find out how we help brokers succeed with cyber.