Threatonomics Newsletter: March in Review

Threatonomics Newsletter: March in Review

A Note from our US Claims and Operations Lead, Linda Comerford

Hello readers! Welcome to the latest edition of Threatonomics, a newsletter where we share relevant insights shaping the cybersecurity and cyber insurance industries. We focus on helping businesses understand the economic impact of threats and the true cost of cyber risk.

As the North American Head of Claims at Resilience, I've experienced firsthand the complexities of managing modern cyber incidents.

From the ongoing Ivanti vulnerabilities in February to the debilitating attack on Change Healthcare in March, the importance of effective risk management and cybersecurity strategies has never been more apparent. However, these strategies often overlook a critical factor: business interruption.

Today's technology-driven world hinges on reliable systems. When technology fails, client expectations go unmet, potentially leading to lawsuits and financial losses exceeding the cost of the breach itself.

In today’s newsletter, we share insights into effectively managing complex claims, the technology issues cyber leaders are most worried about, and what makes Resilience Tech E&O different from other providers. 

Happy reading!

-Linda Comerford, North America Head of Claims


5 takeaways on the state of Complex Claims

By Linda Comerford

New technological advances are rarely accompanied by updated data privacy laws. The combination of the digital age and dated legislation leads to complex litigations following large-scale incidents that can result in costly payouts. 

From ransomware to deep fake frauds, the threats continuously evolve, demanding a proactive and informed approach to incident response and risk mitigation. 

Below are five key insights from my recent panel, "Back to the Future: A Roadmap for the Current & Future State of Cyber Claims," at the Complex Claims & Litigation Forum.

1. Lawsuits are a growing cost of ransomware and BEC.  

Cyber insurance claims arise from various situations, and understanding the triggers allows for better risk mitigation. Ransomware remains the top culprit, responsible for a staggering 81% of claims involving recovery expenses. However, the financial burden extends beyond data recovery. Legal action – including lawsuits, settlements, and class actions – is becoming increasingly commonplace following major breaches.

While cyber insurance can help offset the cost of a legal suit, it can rarely cover the entire cost. Lawsuits are an unpredictable and significant cost of data privacy incidents, and they are likely to grow in prevalence as high-profile breaches receive more media attention. 

2.  New Tech, New Risks, New Lawsuits

The introduction of Artificial Intelligence (AI) has the cybersecurity community on high alert. AI-powered human-engineering attacks are becoming more sophisticated, tricking victims into divulging sensitive information that could spark litigation from both clients and other businesses.

Deepfakes and voice spoofing further complicate matters. These technologies lack a legal framework for detection and use, potentially leading to a surge in cyber breaches, claims, and data privacy lawsuits as AI's influence grows. There is hope for new legislation in the future. In the meantime, AI is predicted to lead to an uptick in cyber breaches, claims, and data privacy lawsuits. 

Continue reading on our blog.


Rapid Response and Strategic Solutions Minimize Disruptions for a Hardware Manufacturer

The intersection of digital infrastructure and physical operations in the manufacturing industry not only drives innovation but also presents unique challenges, particularly to cyber threats. These challenges are exacerbated by the reliance on interconnected systems, such as Enterprise Resource Planning (ERP) and production databases, making them prime targets for disruptive cyberattacks. 

A stark example of this vulnerability came to light when a publicly traded manufacturing client became the victim of a sophisticated ransomware attack. This attack encrypted essential file servers, immobilizing production databases and backups, and was further complicated by detected data exfiltration activities. This client was in a dire situation, striving to recover critical operations amid substantial technical challenges and significant disruptions to its manufacturing and distribution channels.

In this crucial moment, the company sought the expertise of Resilience.

Immediate Mobilization and Comprehensive Response Team - Within hours of reporting the incident, Resilience quickly mobilized a response team comprising experts in privacy law, technical forensics, and ransom negotiation, providing immediate and comprehensive assistance.

Tailored Industry-Specific Expertise—Leveraging industry-specific knowledge, Resilience guided the company through the rapid incident response and offered tailored solutions to mitigate the attack’s impact on the manufacturing operations. 

Deployment of Cybersecurity Tools - One of the pivotal steps taken was the swift deployment of Endpoint Detection and Response (EDR) technology. This move was instrumental in halting further encryption activities, significantly bolstering the company's defenses against ongoing and future cyber threats.

Ransom Negotiation - A crucial aspect of Resilience's intervention was our role in ransom negotiations. Through skilled engagement, the client achieved an 85% reduction in the ransom demand, substantially alleviating the financial burden on the firm.

The collaborative efforts of the company and Resilience led to a significant reduction in both the ransom amount and operational downtime. Through strategic advice and the implementation of proactive cybersecurity strategies, the company quickly resumed its operations. This successful intervention not only underscored the importance of tailored cybersecurity measures but also emphasized the value of having a knowledgeable and responsive cybersecurity partner. 


POLL: What risks are you most worried about when it comes to Tech E&O coverage?

In today's digital age, technology underpins virtually every aspect of business operations, from customer relationship management to transaction processing. Yet reliance on these systems has a flip side: disruptions or failures can lead to substantial financial damage, undermining revenue, eroding customer trust, and tarnishing a company's reputation.

We asked our audience, which risks are you most worried about when it comes to Tech E&O coverage?

Results from our recent LinkedIn poll

No matter the issue, Resilience Technology E&O coverage is designed to address all the key risks that technology companies face in the market today.


Why Clients and Brokers Are Choosing Resilience Technology E&O 

Underwriting Tech E&O requires a deep understanding of the industry, its diverse risks, and the evolving legal landscape, making it a technically intricate class of business to assess and insure. Our in-house experts across Product, Customer, Underwriting, Claims, and Threat Intelligence explain why we are the ideal choice for Tech E&O insurance.

Daniel Raccuia: in-house complex claims expertise and ability to handle complex tech e&o liability claims

“Our team of seasoned attorneys and insurance experts cuts through complex litigation and claims. We understand the key technology concepts and issues critical to your success. Leveraging this expertise, we proactively manage Tech E&O claims, ensuring streamlined and successful resolutions for our insureds.”

To read more about the Resilience difference, click here.


How Proactive Threat Hunting Prevented Financial Losses from ConnectWise ScreenConnect Vulnerability

In late February, the cybersecurity community was alerted to significant vulnerabilities within ConnectWise, affecting the ScreenConnect remote access tool and raising concerns about potential data security breaches.

At Resilience, we take a proactive approach to threat hunting and vulnerability management, helping our clients mitigate cybersecurity challenges - and prevent losses - as they unfold. This applies not just to individual clients but to our entire portfolio.

As soon as the ConnectWise vulnerabilities were discovered, our threat intelligence team sprang into action, identifying all potentially impacted clients and alerting them to the threat. This rigorous investigation allowed us to pinpoint the risk, communicate effectively with clients, supply them with critical patching protocols, and continuously monitor their systems to ensure the vulnerabilities were not exploited.

Thanks to our proactive approach, coupled with our critical notification process and detailed guidance on repairing third-party vulnerabilities, no Resilience client filed a claim or suffered a loss from ConnectWise ScreenConnect. Through timely intervention and relentless effort, clients were not only protected from cyber threats but also spared from the devastating financial consequences of network breaches and data compromises

Building an environment where our client base can withstand the impact of material incidents like these is a testament to our ability to foster Resilience.  


Thank you for reading. Before you go...

Subscribe so you don’t miss our next issue. For more trends and insights from Cyber Resilience experts, follow our LinkedIn page for weekly blog posts, videos, and more!

To view or add a comment, sign in

More articles by Resilience

Insights from the community

Others also viewed

Explore topics