21% of Marsh clients reported a cyber incident in 2023
Broker Marsh has revealed that 21% of its cyber insurance clients in the US and Canada experienced a cyber incident in 2023, underscoring the persistent nature of cyber threats facing organizations today.
This is substantially higher than the 18% recorded in 2022, but in line with 2021 (20%) and 2020 (23%).
The Marsh report, which is based on over 1,800 claims, notes that the sophistication and frequency of cyberattacks have evolved, with new tactics and strategies being employed by cybercriminals.
Ransomware continues to be a significant threat, even though it represented less than 20% of the total cyber claims reported. The report notes that while the number of ransomware claims has not dramatically increased, the severity and complexity of these attacks have escalated.
One of the notable findings in the report is the shift in extortion payment trends, with cyber criminals growing much bolder in their demands.
The median extortion payment dropped from $822,000 in 2021 to $335,000 in 2022. However, this trend reversed in 2023, with the median payment skyrocketing from $335,000 to $6.5 million and the median demand increasing from $1.4 million to $20 million.
Marsh's report also provides industry-specific insights, revealing that certain sectors are more vulnerable to cyberattacks. For instance, the healthcare and financial services sectors have been frequent targets due to the sensitive nature of the data they handle. The report recommends tailored cybersecurity strategies for different industries to address their unique risk profiles effectively.
The report highlights that while insurance can provide financial protection in the event of a cyber incident, it is not a substitute for robust cybersecurity practices. Companies are advised to work closely with their insurance providers to understand their coverage and ensure it aligns with their risk exposure.
Looking ahead, the report suggests that cyber threats will continue to evolve, driven by advancements in technology and the increasing interconnectedness of systems. Organizations must stay vigilant and adaptable, continuously updating their cybersecurity practices to address emerging threats. Collaboration between businesses, governments, and cybersecurity experts will be essential in creating a more secure digital landscape.
