2022 Cybercrime & Threat Predictions

Cybercrime has increased in frequency and severity over the last few years, and predictions indicate that the trend is not going to slow. Forecasters say data breaches will cost an annual $10.5 trillion by the year 2025, compared to $6 trillion in 2021. Attacks on high profile corporations over the last year have placed this issue high on the public radar, and cyber insurance has become a popular product for enhanced security. Here are some of the predicted cyber threats coming in the new year.

Deepfake Technology

Technology that enables fake video and audio media has reached a dangerous level of sophistication. These can be used as a weapon in phishing schemes to deceive people into transferring finances or revealing sensitive information. 

Misinformation Campaigns

With 2022 an important midterm election year, campaigns rife with misinformation are expected to rise. In 2020, there were many domains related to the elections that contained malicious content. Hackers attempt to influence public opinion using “meme camouflage,” bypassing social media algorithms with memes that flood sites to spread the intended message.

Larger Data Breaches

While the number of data breaches increased in 2021, the number of total victims was actually down from 2020. However, cybercrime predictions indicate the scale of data breaches is expected to increase with a higher number of victims and a larger price tag for recovery. With over $40 million paid by cyber insurance to hackers in May of 2021, the success of ransomware attacks will encourage more hackers to attempt similar schemes. 

Supply Chain Attacks

Well-publicized and successful cyber-attacks generally inspire more attacks. Attacks to the supply chain affect a large number of customers, so they receive a great deal of media attention and a high level of focus from government and private cyber security agencies. In the coming year, this will result in hackers accepting the challenge to target bigger corporations or searching for smaller and easier targets.

Mobile Attacks

Over the last year, 50% of U.S. companies have reported a minimum of one employee who has downloaded a malicious app on their cellphone. As the use of mobile devices as payment systems continues to increase in popularity, cyber criminals will target these areas more frequently.

Digital Currency Scams

Cryptocurrency carries several benefits, but also presents a high risk of digital fraud. Hackers who steal digital currency are constantly expanding their capabilities to maximize their profits from this arena that is ripe for cyber-crime. Criminals have found a way to steal crypto wallets. They have also created fraudulent practices that involve free airdropped NFTs, which is likely to become a widespread technique. 

With cyber-crime on the rise and predictions showing the trend will continue, businesses should take steps to protect their interests with cyber insurance and a comprehensive cyber security plan.

About U.S. Risk 

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830. 


Why Companies Should Not Pay Ransom Fees

Increased reliance on technology brings increased potential for cybercrime, and ransomware is no exception. An investigation by Verizon in early 2021 reported that 10% of breaches from 2020-2021 involved ransomware, a type of malware that attacks a company’s computer network, encrypting its data and demanding payment in exchange for release of the locked-down files. While cyber insurance can help to protect companies against loss due to ransomware attacks, the issue of how to handle this type of crime is still largely controversial.

Should Businesses Pay Ransomware?


The FBI estimates that nearly $1 billion is paid out in ransom to cyber criminals every year, despite their official position that advises victims not to pay. In some cases, the cost of attempting to recover from the attack exceeds the cost of paying the ransom. For example, the city of Baltimore was attacked with a ransomware demand of $75,000 in bitcoin, which the city refused to pay. Recovery took over two months with a total loss of at least $18.2 million, including lost revenue and the expense of restoring the hijacked systems.

While some businesses feel it’s safer and cheaper to pay the ransom, the reality is that paying does not guarantee a quick or easy resolution to the issue.

What Is the Consequence of Paying the Ransom?

It’s important to keep in mind that the individuals behind the ransomware are criminals, and they can’t be trusted to keep their word. Even if they do honor the agreement, there are several reasons why paying the ransom is a bad idea.

  1. Legal penalties. The Office of Foreign Assets Control (OFAC) has a sanctions program that penalizes anyone who provides support to cyber criminals residing in or operating from a sanctioned country.
  2. Data loss. Decrypters provided by the attackers may not work. The data recovery can take weeks, and there is no guarantee that all of it will be recoverable. In fact, an average of 46% of data is recovered from ransomware attacks, with 51% of victims recovering all of their data and 3% recovering nothing after making their payments.
  3. Wrong message. When hackers are paid for their crimes, they are receiving reinforcement for their ransomware actions. This shows that the tactics work and encourages a repeat of the extortion scheme on the same business or similar businesses in the future. Research shows that 80% of companies that pay the ransom demand become the victim of another attack, with 46% of those crimes committed by the same attacker.

Organizations should take precautions against ransomware by following prescribed cyber security measures and obtaining cyber insurance. If your client’s business becomes the victim of a ransomware attack, the decision on how to recover is a difficult one. Keep in mind the FBI advises against paying the criminals.

About U.S. Risk 

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830. 


Multi-Factor Authentication (MFA)

No matter how strong password credentials may be to secure an account, there are often equally strong attacks against them. When establishing appropriate access for users, it’s important that users prove they actually are who they claim to be.

cybersecurity threats

A Bank’s Largest Cybersecurity Threats

Banks have always been a dream target for criminals. After all, that’s where the money is. In today’s technological landscape, much of a financial institution’s operations now occur over the internet, creating a web of attractive targets for cybercriminals. Without cyber insurance and preventive measures in place, banks face an alarming level of risk to sensitive data, including the following areas that have been ranked as the top cyber threats for financial institutions.

Social Engineering

Cybercrime has increasingly become more sophisticated, but some of its most insidious techniques are based on psychology. Social engineering uses manipulation to entice people to divulge confidential information. Financial institution officers overwhelmingly feel that social engineering holds the biggest cybersecurity threats to banking institutions, including the following:

  • Baiting: lures victim with an enticing link or attachment in an effort to steal valuable information or upload malware
  • Contact spamming: uses unsolicited bulk email, text, or other digital messages to spread viruses and malware
  • Phishing:
    • customer-targeted: targets customers pretending to be their bank in an effort to obtain sensitive account information
    • employee-targeted: targets employees of financial institutions in an attempt to gain access to the bank’s internal systems
  • Spear phishing: uses counterfeit messages that seem legitimate in an attempt to steal sensitive data or gain access to a computer network
  • Vishing: combining “voice” and “phishing,” uses a spoofed caller ID to make calls appear to originate from a legitimate business


According to a 2021 survey about cybersecurity threats, only 9% of bankers surveyed expressed concern about ransomware, yet it is one of the costliest and most concerning type of cybercrime. 2020 saw a huge increase in the number of ransomware attacks, and researchers predict an additional seven-fold rise in the coming year. Hackers have been paid millions of dollars in blackmail demands to free systems locked down by ransomware, and the techniques being used are evolving and becoming more sophisticated.

Supply Chain Attacks

Another critical threat to the financial services industry is the use of vendors and other third-party services that lack strong cyber security. Cybercriminals target these vendors, delivering malicious code through products or updates that seem legitimate that are then passed to the bank. This method of distributing malware is becoming more popular and disruptive.

Manipulated Data

Hackers don’t always steal data when they infiltrate a system; sometimes, they just change it. This type of attack is very difficult to detect. For a bank, this type of cybercrime can result in millions of dollars in damages. In addition, the institution faces a loss of trust with its customers and potential damage to its reputation.

In today’s world of increased technology, it’s critical for financial institutions to obtain cyber insurance to address current cyber security threats. ◼

About U.S. Risk 

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830. 

data breach

The Actual Costs of a Data Breach in 2021

2020 was a banner year for cyber criminals. As the coronavirus halted normal business operations across industries, shifts to remote work environments and a growing reliance on digital communication resulted in significant risk exposures for businesses of every size and type. Cyber criminals were successful in penetrating corporate and government computer systems around the world. The costs associated with a single criminal data breach can be staggering – and those costs are expected to increase in 2021. Without the protection of cyber insurance, business owners face out of pocket expenses that can negatively impact operations. 

Data Breaches: An Overview

Cyber crimes can take many forms. In some cases, criminals will gain unauthorized access to computer systems and steal data. In other attacks, sensitive personal information and business data will be held hostage, only to be released after a ransom is paid to the criminals. No matter the type of cyber attack, business owners have experienced substantial financial impacts. In a single attack on a Canadian financial services firm, the company was forced to spend about $53 million to recover stolen information. A European manufacturing firm faced costs as high as $75 million for a cyber attack that crippled operations.

According to a report compiled by IBM and the Ponemon Institute, the average cost associated with a data breach was nearly $4 million in 2020. In the United States, the average cost is even higher, approaching $8 million. While cyber insurance serves to recoup many of the costs faced in the wake of a criminal data breach, preventing attacks from occurring in the first place is a powerful risk management approach.

Four Categories of Financial Loss

In the wake of a data breach or ransomware attack, business owners may be on the hook for hundreds of thousands or even millions of dollars in unexpected expenses. Monetary losses associated with cybercrimes fall into four broad categories:

Detection – costs resulting from identifying and reporting a cyber attack as well as the expenses arising from audits, investigation, and mitigation.

Notification – costs associated with informing customers and stakeholders of a cyber attack.

Response – expenses that arises from the company’s response to an attack, including beefing up computer security, additional monitoring of computer systems, and providing affected customers with legal advice, credit monitoring services, and even discounts. 

Business losses – cyber crimes often interrupt business operations, resulting in significant expenses. Lost revenue is only one of many potential effects of a data breach.

The role of cyber insurance in protecting businesses from financial hardships after a data breach cannot be overstated. This insurance provides reimbursement for many of the expenses associated with cyber crimes and offers a blanket of liability protection for business owners.

Hidden Costs Associated with Data Breaches

Lost revenue and the expenses associated with recovering data after a cyber crime are well known to business owners. Data breaches often come with a wide range of hidden costs, however, and these costs can strain even the most comprehensive cyber insurance policy. Hidden costs associated with a data breach include:

  • Legal liabilities
  • Forensic data recovery
  • Supply chain interruptions
  • Reputational harm
  • Intellectual property theft
  • Lost control over critical business infrastructure and networks
  • Increases in cyber insurance premiums after a cyber attack

In many cases, business owners discover that calculating hidden costs or intangible losses is difficult at best. Simply determining what is lost and how much it costs adds even more expense to the equation, as many companies hire third-party cyber security professionals to conduct valuation and damage analysis in the wake of a data breach. Cyber criminals continue to target healthcare operations, financial services firms, and government entities even as world economies recover post-pandemic. It is clear that cyber insurance is an essential risk management tool in 2021 and beyond. 

About U.S. Risk

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830.

Ransomware on the Rise

Spotlight on Ransomware

Spotlight on Ransomware

Ransomware has become increasingly sophisticated, specialized and often incredibly difficult to prevent. This form of cybercrime involves hackers breaking into computer networks and locking up digital information until the victim pays for its release. Larger companies have been the primary target assumably because they have deeper pockets, but cybercriminals are increasingly attacking smaller organizations because they typically have less security in place. While ransomware is on the rise, there are ways to dramatically reduce if not eliminate the threat.

Download this post as a U.S. Risk White Paper (PDF).

Ransomware Trends

  • Payments are soaring. The average ransomware payment nearly tripled last year as compared to two years prior.
  • Paying a ransom doesn’t guarantee data recovery. One survey found ransom was paid in about one-third of cases. However, only a tiny percentage got all their data back, and nearly a third couldn’t recover more than half the encrypted data.
  • There is a rise in double extortion. This is when an attacker seizes data and demands payment. If payment isn’t made, the attackers will publish the data in an attempt to damage or embarrass the victim. In an increasing number of cases, it seems the demand for payment is really in return for not leaking stolen information online.
  • Cost of ransomware recovery has doubled, with the average total cost of recovery estimated to be ten times the average ransom payment.
  • Lawsuits being filed over small incidents are growing: more cases are seeking early settlements.

Proliferation of Ransomware

Experts predict there will be a ransomware attack every 11 seconds in 2021 and that the global cost associated with ransomware recovery will exceed $20 billion. By 2025, organizations will invest more than $1 trillion in their cybersecurity.

Ways to Reduce Your Risk

The most basic approach should include developing a companywide focus on security, an incident response plan and a separate backup system for data. In every ransomware event to date, it appears at least one (or more) of the following causes was to blame: no endpoint detection and response (EDR) strategy, ineffective backup solution/implementation, and open remote desktop protocol.

  • Implement Social Engineering/Phishing training to all employees, at least annually
  • Implement email filtering solutions
  • Implement Multi Factor Authentication (MFA) in the following areas:
    • Privileged User Accounts
    • Remote Access to Computer Systems by Employees
    • Remote access to Computer Systems by Vendors and Independent Contractors
  • Implement Endpoint Detection & Response (EDR)
  • Implement a Patch Management Program
  • Implement Daily Backups and Encrypt Backups
  • Implement Network Segmentation both physically and virtually
  • Disable all Remote Desktop Protocol ports (RDP) and Remote Desktop Gateways (RDG)
  • Implement Use of Net Generation Antivirus Software (NGAV)
  • Implement External Penetration Testing, at least annually

The Final Safety Net

While cyber insurance cannot act as a replacement for the security measures all companies should be implementing, it can help organizations with a financial safety net as well as proactive risk mitigation and management resources.

Top 10 Cyber Insurance Trends

  1. Cyber claims are growing in number and complexity
  2. External attacks are causing the most expensive losses, but internal accidents are occurring more frequently
  3. Business interruption is becoming the main cost driver behind claims
  4. Remote work and COVID-19 have heightened exposures
  5. Ransomware incidents are becoming more frequent and financially damaging
  6. Business compromise email attacks are surging
  7. Regulatory exposure is increasing around the globe
  8. Class action litigation is rising
  9. M&As are introducing cyber risk
  10. Nation state-sponsored attacks are increasing

Glossary of Terms

Multi Factor Authentication (MFA)
An electronic authentication method in which a device user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism. MFA protects the user from an unknown person trying to access their data such as personal ID details or financial assets.

Endpoint Detection & Response (EDR)
Also known as endpoint threat detection and response (ETDR), EDR is a cyber technology that continually monitors and responds to mitigate cyber threats.

Patch Management Program
Patch management is the process of distributing and applying updates to software. These patches are often necessary to correct errors (“vulnerabilities” or “bugs”) in the software.

Network Segmentation (physical and virtual)
Network segmentation is an architectural approach that divides a network into multiple segments or subnets, each acting as its own small network.

Remote Desktop Protocol (RDP) or Gateway (RDG)
A Windows server role that provides a secure encrypted connection to the server via RDP. It enhances control by removing all remote user access to the system and replaces it with a point-to-point remote desktop connection.

Next Generation Antivirus Software (NGAV)
Detects, responds to and prevents all kinds of cyberattack tactics, techniques and procedures (TTPs).

External Penetration Testing
External penetration testing is a security assessment of the perimeter systems. External penetration testing usually tests from the perspective of an attacker with no prior access to your systems or networks.

The Bottom Line

Preparation is key when it comes to cybercrime prevention and loss controls. A trusted insurance expert highly experienced in all the various forms of cybercrime and how to insure them needs to be brought into the process as early as possible to ensure coverage for critical risks, future potential claims management, and the latest developments in terms and conditions.

About U.S. Risk

U.S. Risk, LLC is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830.

cyber attack

Lesser Known Costs Associated with a Cyber Attack

With the growing threat of cyber attacks on business interests around the world, cyber insurance has become an integral part of risk management. This insurance helps to cover the expenses associated with a cyber attack, such as a distributed denial of service (DDoS) attack, data theft, or hijacking of business infrastructure. There are many costs associated with cyber criminality; in this guide, we will explore some of the lesser-known or “hidden” costs business owners must be aware of as they plan their network defenses. 

A Wave of Cyber Crimes

Cyber attacks have been part of the digital economy for decades. Just as soon as businesses moved to computerized systems, criminals followed in an attempt to steal or destroy sensitive electronic records. The threat of cyber attacks has only grown in recent years; computer security analysts report that the coronavirus pandemic hastened cybercrimes against businesses, governments, and financial institutions to the tune of a 600% increase in reported attacks. 

A single attack on business networks can mean hundreds of thousands or even millions of dollars in expenses for victims. In fact, the average cost of a data breach in 2020 was $3.86 million. Without robust cyber insurance protections, business owners face staggering out-of-pocket expenses during network recovery operations and the reputational harm that follows a publicized attack. 

Visible vs. Hidden Costs

Companies that fall victim to cyber attacks typically report what is known as “cost per record”, or the average expenses associated with common recovery costs like customer notification, regulatory penalties or fines, and credit monitoring services for those affected by a data breach. These visible costs account for much of the average $3.86 million expense when cyber criminals are successful in their endeavors.

Lesser-known costs, however, have the potential to create negative outcomes for business owners who have experienced a cyber attack. The effects of a data breach, email spoofing campaign, or phishing attack can often be difficult to quantify for business owners, but these effects can have a significant financial impact on business operations. So-called “hidden” expenses include:

  • Reputational harm and subsequent recovery efforts
  • Intellectual property (IP) theft
  • Supply chain and business interruptions
  • Incident management 
  • Legal liabilities
  • Forensic data recovery and investigations
  • Loss of control of critical business infrastructure of both networks and equipment

A range of valuation processes influence calculation of these hidden costs. Assigning a specific value to an intangible loss in the wake of a data breach or other cyber attack can be daunting for even the largest corporations. This valuation or damage analysis is often conducted by specialized cyber security professionals and represents an unexpected expense to deal with after a cyber attack occurs. 

Another potential side effect of cyber attacks is the rising expenses associated with insurance protection. Cyber insurance policy premiums have increased, and businesses purchasing or renewing such policies after a data breach occurs can expect steep costs. According to Deloitte, cyber insurance policyholders may experience a 200% increase in premiums after a breach. Just as likely is the insurer dropping coverage altogether unless specific data security conditions are met. Faced with the prospect of rising costs, it is critical that business owners evaluate their existing cyber insurance coverage before a data breach can harm business operations. With cyber insurance in place, business owners can rest easier knowing that the organization’s assets are protected from the rising specter of cyber criminality. 

About U.S. Risk

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830.

cyber security

Cyber Security Forecast for 2021

2020 provided unique challenges to business owners around the world. The coronavirus pandemic forced dramatic changes in business operations, pushing many companies toward a digital presence. Stay-at-home orders and quarantine restrictions drove a significant increase in remote work systems and online retailing as both employees and consumers were left with few other choices. As a result, cyber criminality grew bolder in its efforts to compromise sensitive business data. Cyber insurance serves as the risk management foundation against criminal activity. As 2021 unfolds, business owners must learn about the trends in cyber security to supplement the protections of cyber liability insurance.

Sharp Increases in Cyber Attacks

The COVID-19 pandemic has been disruptive to business operations in incalculable ways. One of the leading sources of interruption has resulted from a strong increase in the frequency and severity of cyber attacks. Criminals posing as employees to breach networks or plant malware in computer systems were able to steal millions of sensitive records. Nearly every sector was affected, from business operations to governments, scientific research centers, and financial institutions. In some industries, the number of cyber attacks increased by 400% or more. In all, criminal activity in gaining unauthorized access to business network has resulted in billions of dollars in direct losses and a sharp increase in cyber liabilities. Cyber insurance is crucial in protecting business assets against the onslaught of cyber risks.

Forecast #1: Growth in Ransomware Attacks

In many cases, cyber criminals breach computer systems for one reason: to hijack control of sensitive business data. So-called “ransomware” is injected into business networks; criminals then attempt to negotiate a ransom to return access to the data being held hostage. This type of cyber attack has proved lucrative for criminals worldwide – in several highly-publicized cases, companies have paid millions of dollars in ransoms to recover their data. Industry analysts suspect that ransomware attacks will continue to increase in 2021 and beyond based on the success criminals have had in 2020.

Cyber insurance provides coverage against the financial losses associated with ransomware attacks. Companies can supplement those insurance protections by adopting rigorous computer security policies, training employees on safe network access, and implementing the latest software/firmware patches against hackers.

Forecast #2: Remote Infrastructure at Risk

As the pandemic spread throughout the business world, companies moved their employees from centralized offices to their homes by deploying remote access systems. IT departments were often underprepared to handle this new remote work environment, and many companies implemented systems before thoroughly evaluating the cyber risks these systems represented. Criminals exploited weaknesses in cyber security and were able to capitalize on them, particularly in virtual private network (VPN) attacks. Cyber security professionals expect to see continued criminal focus on remote work systems in 2021.

Forecast #3: Security Weaknesses in Smart Devices

The Internet of Things (IoT) has captivated the business world over the past decade. Smart connected devices ranging from office lighting and heating/cooling to automated manufacturing and logistical tools have been adopted across industries. Unfortunately, these systems often come with security weaknesses out of the box, and many companies have not fully realized the potential for cyber criminals to exploit those weaknesses.

In simple terms, the more devices connected to business networks, the potential for more entry points for criminals. Although smart devices are capable of robust security, it is imperative for companies to evaluate weak points to develop risk management strategies against cyber criminals. Here, the role of cyber insurance cannot be overstated; it provides financial protection against the losses incurred by criminal activity on business networks.

Forecast #4: Centralization

Companies continue to work with third-party service providers to deliver critical computer services across platforms. Some of the service providers have grown dramatically as a result; an example is Amazon Web Services (AWS), which powers thousands of business networks around the world. This centralization has its advantages, including scalability and more affordable terms. Unfortunately, this level of centralization can cripple thousands of companies at once if the centralized service is compromised by criminals. From data breaches to the failure of smart devices connected to third-party services, business operations can grind to a halt. Developing robust mitigation strategies include not only cyber insurance but a detailed evaluation whether centralized service provision’s benefits outweigh the potential risks.

About U.S. Risk

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830.

data breach

How to Respond to a Data Breach

The best way to prevent a data breach is to be prepared for one. Implementing strong cybersecurity measures, maintaining them, and conducting regular updates are critical steps in securing systems. Educating staff about cybersecurity and training them on what they need to do to protect data and information are also crucial. Human error and carelessness are two of the primary causes of a cyberattack. Finally, your clients need a formalized plan for how to deal with an attack should one occur.

No matter what preventive measures your clients take, complete protection is not guaranteed. It is nearly impossible to stay ahead of cybercriminals. Cyberattacks are on the rise, with incidents in 2020 reaching as many as 4,000 per day. Procuring cyber liability insurance has never been more imperative to protect a business if it was to experience a data breach. So, what should a company do after a data breach? If an incident occurs, your clients need to be able to respond effectively and efficiently.

The Initial Response

A cyberattack can be daunting, but panicking will not help solve the problem. A data breach response plan helps your clients remain focused so that they know what initial steps they should take. Activate the response plan immediately. Take note of the date and time the breach was discovered, and when the response was initiated. Within the next 24 hours, your clients should also:

  • Alert members of the response team.
  • Secure the area to prevent access to evidence.
  • Take operations offline to prevent further data losses, but do not turn off the power or tamper with any technology.
  • Assess any additional risks and prioritize steps needed to reduce those risks.
  • Call in the cyber forensics team to begin investigations into when and how the cyberattack happened.
  • Consult with the legal team and notify law enforcement when necessary.
  • Notify the cyber liability insurance provider.

The Next Steps

After your clients complete the initial steps, they must document everything that has occurred thus far to ensure their company stays on track to recover and reopen. At this point, a team should begin resolving the issues to prevent future attacks. It is essential to carefully consider your client’s company’s vulnerabilities and address any issues that need to be remedied.

Service providers, encryption measures, and network segmentation should all be examined. The forensics team can ascertain whether any of these played a role in the attack. Identify everyone who may have been affected by the breach and what information was stolen. The forensics experts will remove any tools the hackers used to access the system.


Once affected businesses and individuals have been identified, it is imperative that they notify them as quickly as possible and let them know what information may be at risk. Make sure, however, that your clients consult with the lead investigator to time their notifications so that they do not impede investigations. Note that if the data breach involved health information, they are required to alert the Federal Trade Commission.

About U.S. Risk

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830.


cyber threats

Top 5 Cyber Threats for 2021 & Beyond

2020 was a difficult year for businesses around the globe. The coronavirus pandemic caused mass layoffs as the world economy came crashing down. For those business operations that were able to remain operational, a new threat emerged: cyber crimes. Cyber criminals stepped up their attacks on targets in the banking, utilities, and healthcare industries, causing billions of dollars in damages and lost productivity. Cyber liability insurance has become a critical risk management strategy for modern business operations, especially in the wake of increased criminal activity. For 2021 and beyond, business owners must gain knowledge about the top cyber threats they may face in the coming years.

What’s Old is New Again: Phishing Attacks

For nearly as long as computer devices were networked together, so-called “social engineering” hacks have plagued network administrators. Phishing, or the practice of having victims click a malicious link, open an infected email attachment, or reveal passwords and login credentials to attackers, has seen a sharp uptick during the pandemic. Hackers use phishing attacks to embed code into business computer networks or use credentials to gain access to sensitive data.

Ransomware: A Perennial Threat

Not quite as old as phishing, but still familiar to IT professionals is the ransomware attack, where cyber criminals will gain unauthorized access to a network and hold it hostage until a ransom payment is made. Malicious software is placed on targeted networks, particularly in the financial and healthcare sectors. These attacks interrupt business continuity and may result in the loss or destruction of critical data, straining even the best cyber liability insurance coverage.

Breaches in the Cloud

Cloud computing has revolutionized business networks across industries. Data can now be stored offsite and accessed from anywhere in the world. As a result, this has created new risk profiles for business owners – risks that cyber liability insurance is only now catching up to. Whether it is the cloud storage host or the end user, configuration errors are the most common source of unlawful data breaches. With access to sensitive business data, cyber criminals may intercept personally-identifying details, create fraudulent accounts, or sell data to the highest black market bidder. Again, these breaches can cost millions of dollars in recovery and damaged reputations.

The Internet of Things (IoT)

Every electronic device connected to a business network represents a potential weak point. The Internet of Things (IoT) has increased the ability of criminals to find and to exploit weaknesses. IoT is used to remotely manage business infrastructure or to capture and process data. Unfortunately, many of these devices are not equipped with robust security measures, making them a preferred target of cyber criminals. By exploiting weaknesses, criminals can gain access to business networks, giving them the ability to steal or erase data with a few strokes of a keyboard. Cyber liability insurance is designed to protect businesses from the losses associated with illicit criminal activity on company networks, but understanding the nature of IoT and the weaknesses it represents is a crucial risk management step.

Remote Work Environments: Prime Targets for Criminals

As the pandemic spread across the globe, resourceful employers added remote work options for their employees. Employees could log onto company networks from home using devices ranging from desktop and laptop computers to smartphones and tablets. Unfortunately, network security was often unable to keep pace with criminal activity, and remote workers were targeted by cyber thieves. Primarily, workers are responsible for keeping their own devices up to date in terms of antivirus and anti-intrusion software. Password management is another hot button issue for network administrators in the remote work environment. Each of these weaknesses is readily exploited by criminals and as a result, high-frequency and high-severity claims against cyber liability insurance policies have piled up.

To protect sensitive business networks, business owners must work with information security professionals to patch systems, increase monitoring, and train employees on safe access practices. These business owners must also carefully assess the coverages and limits of their cyber liability insurance policies. This insurance serves as a fallback in case of unauthorized or criminal computer activity. With this insurance and with information security practices in place, business owners can more readily protect sensitive data and computer networks from theft.

About U.S. Risk

U.S. Risk, LLC. is a wholesale broker and specialty lines underwriting manager providing a wide range of specialty insurance products and services. Headquartered in Dallas, Texas and operating 16 domestic and international branches, U.S. Risk and its affiliates would like to help you access a world of new markets and products. For more information, contact us today at (800) 232-5830.