By Anthony Mini, President | CEO
There are striking similarities between cybersecurity and cyber insurance. The “ones and zeros” from binary to statistical modeling all merge into the overarching domain of risk management. The Key Risk Indicators (KRIs) published in the annual cybersecurity reports from Verizon and the FBI all illustrate that the emerging threats to cybersecurity are growing in frequency and cost.
The FBI noted an increase in cybersecurity incidents in the past four years—from 19,060 in 2016 to 26,074 in 2021. Verizon reported that data breaches nearly doubled in recent years, increasing from 2,260 in 2016 to 5,258 in 2021. Further, CrowdStrike Intelligence, a cybersecurity organization, observed an 82% increase in ransomware-related data breaches from 2020 to 2021. Costs associated with cybersecurity incidents both to the overall economy and to affected organizations are significant. However, cost estimates for these incidents vary widely. For example, in 2018 the Council of Economic Advisers estimated that malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016 (The Council). According to a 2018 RAND report, cyber incidents may have cost the economy more than $242 billion per year. A 2020 CISA study, based on data from several datasets published in 2015–2020, reported that the median cost of a cyber incident to a U.S. organization might range from $56,000 to $1.7 million.
As these trends continue to get worse, it is important that organizations seek to better understand the risk they are managing. Throughout this paper, we will address the state of cybersecurity from two vantage points: one being cyber assurance, which are the processes, technologies, and efforts “left of boom” and are proactive in defending against an attack; and the latter being cyber insurance, which are the processes, technologies, and efforts focused on the “right of boom,” after the alert of a cyberattack.
Read more by downloading the white paper.
