As cyberattacks become more frequent and costly, it’s crucial for organizations to maximize their financial protection against related losses by purchasing sufficient insurance. Cyber coverage, also known as cyber liability insurance, can help organizations pay for a range of expenses that may result from cyber incidents—including (but not limited to) data breaches, ransomware attacks and phishing scams.

The Biden administration highlighted the potential of a federal cyber insurance backstop as a key objective of its long-awaited national cybersecurity strategy and a push to hold software manufacturers accountable for vulnerabilities in their products.

Cyber incidents—including data breaches, ransomware attacks and social engineering scams—have become increasingly prevalent, impacting organizations of all sizes and industries. Such incidents have largely been brought on by additional cyberthreat vectors and growing attacker sophistication.

Employees are an organization’s first line of defense against cybercriminals. For this reason, they are also commonly targeted. In fact, the vast majority (88%) of data breaches are caused by employee mistakes, according to Stanford University. Unfortunately for organizations, a single mistake can result in costly losses, reputational damage and lost or stolen data.

At some point, all software will reach the end of its life. This means manufacturers will no longer develop or service the product, discontinuing all technical support, upgrades, bug fixes and security fixes. As a result, end-of-life (EOL) software will have known vulnerabilities that cybercriminals can easily exploit. This article discusses the risks of continuing to use EOL software and discusses best practices for organizations to mitigate this risk.

Modern vehicle technology has transformed in the past several years as autonomous driving, vehicle electrification and car connectivity features have become more common. While these digital innovations in the automotive industry have added significant customer value, they have also exposed vehicles to cybercriminals attempting to gain access to critical in-vehicle electronic units and data.

An attack surface is the total possible entry points (a.k.a. attack vectors) for unauthorized access into any system. The recent increase in remote and hybrid work combined with the shift to the cloud and widespread implementation of software-as-a-service (SAAS) applications have made attack surfaces increasingly large, complex and difficult to defend against cyberattacks.

Patch management is the process of acquiring and applying software updates to a variety of endpoints, including mobile devices, computers, servers and embedded devices. Installing patches regularly is necessary to correct errors, help protect data and optimize system functions. This article provides information on how a consistent approach to patching and updating software can limit exposure to various exploits.

Endpoint detection and response (EDR) is a cybersecurity solution that continuously monitors security-related threat information and endpoint data to detect and respond to ransomware and other kinds of malware. It provides visibility into security incidents occurring on endpoints—such as mobile devices, desktop computers, laptops, embedded devices and servers—to prevent damage and future attacks.

Ransomware and business email compromise (BEC) caused the most cyber insurance claims over the past five years, accounting for 44% of about 7,000 claims examined in NetDiligence’s 2022 Cyber Claims Study. The percentage of claims attributed to these two causes of loss rose to 50% for claims reported in 2020 and 2021.

According to a recent analysis from S&P Global Ratings (S&P), the cyber insurance sector needs “clear and precise policy wording” to build a sustainable market and encourage contract certainty for buyers and insurers. The cyber coverage segment has grown faster than any other subsector of the insurance market, reaching $9.2 billion in global premiums in 2021.

Fewer ransomware victims paid to retrieve access to their systems, and the median ransom payment dropped 51% in the second quarter of 2022, according to a recent report from Coveware. Though the median payment dropped to $36,360, the average ransom payment increased 8% to $228,125, boosted by a few outliers. However, the improvement in the median payment reflected threat actors’ shifts toward less risky, lower-profile targets, and the average remains below a fourth quarter 2021 high of over $300,000.

The Cybersecurity & Infrastructure Security Agency (CISA) maintains the Known Exploited Vulnerability (KEV) catalog to help organizations better manage and mitigate cybersecurity vulnerabilities. The agency encourages organizations to utilize the KEV catalog—the authoritative list of vulnerabilities that have been exploited—to keep pace with threat activity and remediate the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.

Cyberespionage is a type of cyberattack that involves an unauthorized user (or multiple users) accessing a victim’s sensitive information in order to secure economic benefits, competitive advantages or political gain. Also known as cyberspying, the primary targets of such cyberattacks include government entities, large corporations and other competitive organizations.

Hackers exploit virtual vulnerabilities to gain access to networks and devices illegally. While most engage in this activity for financial gain, others, called hacktivists, have different motivations.

Ransomware incidents entail cybercriminals compromising their victims’ computers or servers with malware and demanding large payments in order to restore the technology (as well as any files or data stored on it). They have often been considered one of the most damaging cyberattack methods.

Every year, people report fraud, identity theft and bad business practices to the Federal Trade Commission (FTC) and law enforcement partners. According to FTC data, more than 2.8 million people reported fraud in 2021, and 1 in 4 said they also lost money.

Credential stuffing incidents entail cybercriminals leveraging stolen usernames and passwords in attempts to gain access to additional accounts and systems. For example, a cybercriminal may obtain a target’s username and password for a social media account and use those same login credentials to try and access the victim’s other systems (e.g., email accounts, banking applications or workplace networks).

A man-in-the-middle (MITM) cyberattack refers to a cybercriminal intercepting a digital interaction or exchange between individuals, systems or an individual and a system. During a MITM incident, a cybercriminal could either eavesdrop on an interaction or pretend to be a genuine participant in the exchange.

As cyberattacks become more frequent and severe it is increasingly important for organizations to practice good cyber hygiene to minimize their exposure to risk. Cyber hygiene refers to habitual practices ensuring critical data and connected devices are handled safely.