Zywave FPN

Zywave | Advisen Cyber Front Page News - Wednesday, May 31, 2023

   
Focusing on ransomware is 'missing the point': Resilience CEO


By Erin Ayers, Advisen

Recent data from cyber insurance provider Resilience showed a 300% increase in ransomware events between the third quarter of 2022 and the first quarter of 2023 – but solely focusing on ransomware would be “missing the point,” according to Vishaal “V8” Hariprasad, Resilience’s CEO and co-founder.

While ransomware increased over the last few quarters, it isn’t the top cause of loss, Hariprasad told Advisen in a recent interview.

“It’s just one element of how crimeware actors operate. Ransomware never left; it just took a hiatus,” he said. “We should not be focused on just ransomware. If we’re doing that, we’re missing the point.”

In 2022, geopolitical conflict and a heightened focus by governments on fighting ransomware “distracted” threat actors – and many began focusing on other less “sensational” cybercrimes. As a result, financial transfer fraud and vendor data breaches now outnumber ransomware as top causes of cyber insurance claims – and frequently come with a higher price tag. The FBI recently reported business email compromise fraud losses at $2.7 billion compared to $34.3 million for ransomware in 2022.

Financial transfer fraud accounted for 17% of claims handled by Resilience according to the firm’s 2022 Claims Report, followed by vendor data breaches at 11.8%, and business email compromise at 10.4%. Direct ransomware attacks (those suffered by an insured) came in at 9.7%, followed by knock-on effects due to ransomware events against third-party vendors at 8.1%.

A few cybersecurity failures drive the majority of cyber incidents, Resilience found. Phishing is “unsurprisingly” the top point of failure, causing 23.4% of all claims, followed closely by third-party vendor risk at 22.1%. Privileged access management came in third at 14.5% of all claims.

“All three of these critical points of failure have well-documented and supported corresponding cybersecurity controls, that have been repeatedly enforced for years,” Resilience said in its report. “But despite significant investment in these areas, these points of failure continue to remain the basis for the majority of financial loss from cyber incidents.”

Clients who worked with Resilience on risk management solutions before ever experiencing a cyber event saw an impact – 100% were able to avoid paying a ransom and they were 67% less likely to incur financial losses because of the attacks than clients that did not actively mitigate their risk in advance.

“We had several companies that engaged with us at the height of the hard market. No one would even quote them, but they had done the work and become good risks,” Hariprasad said.

Resilience insured them with coverage restrictions and high sublimits to start, then worked with the organizations to further mature their cybersecurity posture by focusing on quick rebound from cyber events.

“Now we have companies on their second and third renewals with no restrictions and limits,” he said.

Bridging the gap between security professionals and business decision-makers in an organization is key, according to Hariprasad.

“Prioritizing your cybersecurity decisions as business decisions can make a difference,” he said, recommending “clear articulation” of how the top points of cybersecurity failure can lead to financial loss.

He added, “It takes the ones and zeroes and translates it into the dollars and cents for CEOs and CFOs.”

Managing Editor Erin Ayers can be reached at erin.ayers@zywave.com
