Allianz’s Cyber Head alerts on ransomware’s resurgence, data exfiltration dangers, and evolving cyber threats. Stay informed!
The recent alert from Allianz’s Cyber Head, Tresa Stephens, rings the alarm bells on the resurging menace of ransomware. Stephens underscores the precariousness stemming from our intricate IT landscape and the heavy reliance on third-party outsourcing. This interconnected web serves as fertile ground for cyber threats, empowering malicious actors. She highlights the concerning emergence of “ransomware as service” groups, enabling even novice hackers to execute attacks on unsuspecting entities.
In her compelling dialogue with Insurance Business, Stephens delineates the potential transformation wrought by mass ransomware assaults, emphasizing the ominous shift towards comprehensive data exfiltration attacks. Her foresight warns of looming threats, casting light on an imminent need for heightened vigilance and advanced cybersecurity measures to safeguard against evolving threats.
Mass ransomware attacks demand constant observation
Amidst the digital landscape, the surge in ransomware attacks within the first quarter of 2023 has sent shockwaves globally, marking a staggering 143% increase according to Allianz Commercial’s recent report. The alarming shift in the speed of execution, from a prolonged 60 days in 2019 to a mere four days in 2021, highlights the intensifying threat.
The impact of these mass ransomware assaults, akin to the significant MOVEit breach, has prompted insurers to reassess their approach. Tresa Stephens emphasizes the gravity of this threat, signaling a pivotal change in insurers’ risk management strategies and portfolio evaluations. This paradigm shift signifies a move beyond isolated risk assessments, driving a deeper understanding of the entire ecosystem enveloping the insured.
Other dangers that differ from ransomware
The landscape demands a collaborative stance, fostering conversations and knowledge sharing among carriers and clients. This transformative perspective, situated within the value chain, emphasizes a holistic approach towards risk assessment. Stephens underlines this evolving viewpoint, redirecting the focus from singular risks to comprehensive ecosystem assessments, offering a forward-looking strategy in the face of emerging threats.
In the realm of cybersecurity, data exfiltration emerges as a formidable frontier. The conventional approach of handling data breaches through encryption and ransom payments for decryption keys is swiftly becoming outdated as threat actors pivot towards easier targets, according to Stephens.
The rationale behind this shift is clear – threat actors find it more cost-effective and less time-consuming to simply pilfer all sensitive information. Their strategic move exploits the vulnerabilities of companies reluctant to pay ransoms to evade legal or public scrutiny, recognizing the risks to reputation, and navigating the maze of regulations and privacy concerns.
Allianz’s statistics reveal a staggering increase in data exfiltration cases, surging from 40% in 2019 to a projected 77% in 2022, with an anticipated upward trend continuing into 2023. This menacing trajectory amplifies the urgency for robust cybersecurity measures.
Furthermore, the financial toll of a data breach in 2023 averaged a staggering $4.45 million, escalating by 15% over a mere three years, reflecting the soaring costs incurred by companies due to lax security.
Stephens underscores the intensified value of data, emphasizing that companies are now two and a half times more likely to acquiesce to ransom demands when data is at risk of exfiltration. This underscores the criticality of safeguarding sensitive information in an era where threat actors capitalize on its heightened significance, relentlessly aiming to seize what matters most to businesses.
New types of cyber security threats other than ransomware
In the realm of cybersecurity, the landscape is evolving, sprouting new breeds of threats apart from the menacing ransomware. When discussing the emerging perils grabbing insurers’ attention, Stephens shed light on the expansive realm created by generative AI and large language models, birthing innovative possibilities.
“These technologies,” she elucidated, “usher in more sophisticated phishing endeavors and voice simulation attacks that have led individuals to inadvertently wire money, mistaking the voice on the phone for that of their CEO.”
The exponential pace of technological advancement serves as a catalyst, providing threat actors with increasingly sophisticated means to perpetrate comprehensive threats across industries.
However, this rapid progression has a flip side – a glaring scarcity of dedicated cybersecurity professionals, lagging behind the skill and fervor exhibited by threat actors in orchestrating malicious campaigns and attacks.
This shortage has forced Small and Medium Enterprises (SMEs) in the middle market sphere to rely extensively on third-party suppliers for essential services and security provisions. This dependence introduces multifaceted challenges in maintaining robust business security.
Stephens echoed concerns about the perpetual shifts in the threat landscape, influenced by evolving technology, consumer privacy rights, and the ever-changing data and privacy regulations. The intricate cyber maze feels rife with pressure and moving targets, demanding astute navigation from companies to safeguard their digital assets effectively.
More from Gilt news:
- How to Secure Healthcare Data in 2024.
- The Lack of Women in AI Puts Us at Risk of Sexist Bots
- GEICO vs Travelers: Which car insurance is Better for You (December 2023)
- What is Cyber Insurance, What are the latest technological advancements in cyber security?
- How To Buy a Car Insurance Online: A Complete Guide
- What Types of Traffic Violations Can Impact Car Insurance Rates?
- Japan’s Life Insurance Sector Set to Surpass $350 Billion by 2028, Driven by Innovations and Regulatory Changes
- China’s Life Insurance Sector is Set to Surpass $890 Billion by 2028
