Holiday Hours: Closed at noon 24th, all day 25-26, noon 31, closed Jan 1
780.424.2727 email
get a Quote
Cyber Insurance Claims Hit Record High in 2023, Report Finds
July 11, 2024

Cyber Insurance Claims Hit Record High in 2023, Report Finds

Cyber insurance claims in North America reached record levels in 2023, according to a report by insurance broker Marsh.Specifically, March received more than 1,800 cyber claim reports from clients across the United States and Canada, the highest of any year. Increased cyberattack sophistication, heightened supply chain vulnerabilities—as demonstrated by the significant MOVEit breach in 2023—and increased privacy claims are thought to be behind the record-high claims figure.

Marsh’s data highlights the need for robust cyber defences for North American companies. “Organizations’ cyber resilience strategy should incorporate a view of cyber risk across the enterprise, including its potential economic and operational impact and taking account of cybersecurity at vendors and other third parties,” Marsh said in its report.

Report Findings

According to Marsh’s report, one in 5 (21%) clients reported at least one cyber event in 2023, up from 18% in 2022. Although a marginal increase, the percentage of clients reporting cyber events has remained relatively stable over the past five years.

However, one type of cyber event, cyber extortion, increased significantly in 2023. Specifically, 282 Marsh clients reported at least one cyber extortion event, including ransomware, in 2023, up from 172 in 2022. Furthermore, median extortion payments rose from $335,000 to $6.5 million between 2022 and 2023. The emergence of a new ransomware-as-a-service cybercrime model and an increase in bad actors could be behind the inflated cyber extortion data.

Although ransomware and other cyber extortion events remain a pressing threat, it’s worth noting that the number of ransomware events in 2023 was less than 20% of all claims reported. According to Marsh, “This means that privacy claims and system attacks leading to unauthorized access and potentially exposed data without an extortion component comprise a much larger share of cyber events reported.”

Regardless, organizations must implement robust cybersecurity measures to reduce the risks of all cyberthreat types. Thismay be even more important in health care, communications, retail/wholesale, financial institutions and education, which were the top five affected sectors in the report.

Next Steps

It’s more important than ever for organizations to review their cyber hygiene measures amid frequent cyber events. Additionally, organizations should implement a robust cyber incident response plan that can act as a blueprint for an efficient response in case of a breach.

Did you know that 60% of small and medium businesses don’t survive after a cyber attack? Protect your business with Cyber Insurance, call us at 780.424.2727 or click here to get a quote.