Beazley highlights growing cyber sophistication

A new sophistication in criminals’ approach is emerging when it comes to cyber risk, according to Beazley.

Unveiling its inaugural Beazley Cyber Services Snapshot, the carrier noted that cyber risk remains a persistent threat to organisations, though with no appreciable change in incidence.

The report explores the growing issue of data exfiltration, exploring the myriad ways that extortion is evolving and becoming more intricate – and how organisations should respond to the associated risks.

It suggests that threat actors are finding new ways to do business, resulting in double- and even triple-extortion, and as extortion techniques become increasingly complex, so do the risk exposures.

The report features data gathered between 2020 and Q1 of 2022, including cause of loss by industry, ransomware vectors, business email compromise, and data exfiltration. These key data points clearly illustrate a continued need for a multipronged approach to cyber security, according to Beazley.

“Extortion incidents no longer just involves file encryption,” said Raf Sanchez, Beazley’s global head of Cyber Services.

“We are seeing data exfiltration now prevalent in a significant majority of incidents reported to our cyber services team. Multiple threat actors are involved, and they are encrypting systems, stealing and selling data they’ve accessed, and also threatening to expose the fact that an organisation’s data was stolen unless payment is provided.”

“This is an increasingly complex landscape and it’s essential that organisations understand the threats and resulting vulnerabilities of these new threat vectors.”

With the quarterly Cyber Services Snapshot, Beazley aims to provide real-time insights into the state of cybersecurity, using incidents reported to Beazley as well as trend analysis from the cyber services team to reveal an ongoing picture of emerging cyber risk.