September 20, 2021 by Canadian Underwriter Staff
Knowing the most common cybersecurity attacks can help brokers better advise their clients on risk mitigation strategies, a Canadian cyber insurance provider has said.
Selling cyber policies remains a concern for many brokers, who are struggling to keep up with the increased frequency and severity of sophisticated cyberattacks and ever-evolving coverages.
The more brokers understand about the nature of cybercrime claims, the better equipped they will be to advise clients on preventing losses in the first place, George Bozanin, managing partner and head of business development with Coalition Insurance Canada, told Canadian Underwriter.
“While ransomware and funds-transfer fraud are the main ways criminals immediately monetize cybercrime, they use a wide array of attack techniques and tactics to gain access to systems in the first place,” Bozanin said.
The most common attack vectors in claims experienced by Coalition policyholders were social engineering leading to business email compromise; insecure remote access exposed directly to the internet; and third-party vendors targeted in supply-chain attacks — all of which “can lead to potentially catastrophic cyber events.”
“So far in 2021, the top attack techniques experienced by Coalition policyholders include phishing (48%), exploitation of vulnerabilities on public-facing applications (27%) and exploitation of insecure remote access (12%),” Bozanin said, quoting Coalition’s recent 2021 Claims Report.
Bozanin said brokers should provide their clients with “specific and actionable recommendations” to protect their businesses.
“Brokers should tell clients that every password they set, tool they use and network they access can leave them exposed and vulnerable to cyber threats.”
Bozanin said Coalition recommends the following best practices:
Feature image by iStock.com/solarseven
Have your say: