New research from Boston-based Corvus Insurance has found the rate of ransomware attack claims are falling, reaching in Q4 2021 just half of the peak seen in Q1 2021.
The surprise findings were revealed in the second Corvus Risk Insights Index, a compilation of industry trends and data analysis based on the company’s security scanning technology.
It is fair to say that ransomware attacks have been the bane of security professionals for a number of years now. Indeed, research earlier this month from Vectra found that such is the strain on IT departments, that 50 percent of security leaders are ready to throw in the towel.
The Corvus Risk Insights Index points out one of the best indicators of overall cybercrime activity is the rate of ransomware claims in the Corvus book of business.
Based on Corvus’s claims data, after all of the dire headlines throughout 2021, the end of the year presented signs of improvement, the firm said.
So what are triggered the decline? Are businesses and organisations finally getting savvy to the threats and improving their cyberdefences? Well, yes it seems.
“This decrease in cost and severity can be partially attributed to underwriting entities requiring stronger backups for insurance coverage, which is helping to drive the broader trend toward more sophisticated and resilient approaches to mitigating ransomware risk,” Corvus stated.
The data also revealed spikes in claims tied to major cybercrime events including the Microsoft Exchange Server vulnerability and the Kaseya ransomware attack.
Meanwhile more recent data in the Corvus’s Risk Insights Index touched on Russia’s ongoing invasion of Ukraine, which has included a hybrid warfare model involving cyber attacks against public and private sector organisations.
While attacks have led to increased concerns over potential collateral damage, Corvus observed a 30 percent reduction in ransomware claims frequency from Q4 2021 to Q1 2022 (through to 15 March), highlighting the fractured ransomware threat ecosystem during a time of war.
The overall severity of ransomware costs by industry, also shifted significantly over the past year.
And it seems that SMBs are still playing catch up in cybersecurity matters.
“We are in the midst of a critical and challenging time for security professionals,” said Phil Edmundson, founder and CEO of Corvus Insurance.
“As the security landscape shifts and threat actors continue to evolve their attacks, this report provides the data-driven analysis critical for organisations to navigate and prepare for adverse events in this new cyber age,” said Edmundson.
Meanwhile a security expert noted the Corvus research and said it could indicate that businesses are starting to learn the lessons after suffering an attack.
“These figures could suggest we are at a turning point where businesses have improved their cyber protection and plugged many of the gaps, often found from their own previous mistakes,” noted Jake Moore, global cybersecurity advisor at ESET.
“Once a business has been infected by ransomware the whole company realises the importance of security and often then changes its ways,” said Moore. “Although not always the case, the majority of targeted companies act upon ransomware attacks and therefore, once they have been infected, the likelihood of a secondary attack is presumed less likely.”
“It is expected that ransomware will continue but the gaps and vulnerabilities to target will inevitable get smaller as time goes on but there will sadly never be a time when companies can remove the worry of a potential attack completely,” Moore concluded.
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…