Beazley, a pioneer in cyber and data breach response insurance,
today released its Beazley Breach Insights findings based on its
client data in the first six months of 2017.
Ransomware attacks continued their rise in the first half of
2017, up by 50% over the first half of 2016.
Hacking and malware attacks (of which ransomware attacks form a
growing part), continue to be the leading cause of breaches,
accounting for 32% of the 1,330 incidents that Beazley Breach
Response Services helped clients handle in the first half of the
year.
However, accidental breaches caused by employee error or data
breached while controlled by third party suppliers continue to be a
major problem, accounting for 30% of breaches overall, only
slightly behind the level of hacking and malware attacks. In
the healthcare sector these accidental breaches represent, by a
significant margin, the most common cause of loss at 42% of
incidents.
This continuing high level of accidental data breaches suggests
that organizations are still failing to put in place the robust
measures needed to safeguard client data and confidentiality. Since
2014, the number of accidental breaches reported to Beazley’s team
has shown no sign of diminishing. As more stringent
regulatory environments become the norm, this failure to act puts
organizations at greater risk of regulatory sanctions and financial
penalties.
In June, the BBR Services team worked closely with insured
clients to provide legal and forensics services in response the
international NotPetya ransomware attacks. The ability to respond
quickly to ransomware attacks is especially critical for healthcare
organizations due to the Office for Civil Rights (OCR) treating all
ransomware attacks as a presumed breach.
2017 data breach trends
Unintended disclosures caused 26% of breaches in 1H 2017 in the
higher education sector. While slightly down on the 28%
recorded in 1H2016, this still represents a quarter of all breaches
which could be mitigated through more effective controls and
processes. Hacks and malware accounted for nearly half of
higher education data breaches in the first six months of 2017
(43%), roughly even with the 45% of breaches caused by hacking in
the same period in 2016. Of these, 41% were due to phishing.
Unintended disclosure – such as misdirected faxes and emails or
the improper release of discharge papers – continued to drive the
majority of healthcare losses, leading to 42% of industry breaches
in 1H 2017 equal to the proportion of these breaches in the
industry in 1H 2016. Hacks and malware accounted for only 18%
of healthcare data breaches in 1H 2017, compared to 17% in 1H
2016.
- Unintended disclosures among financial services
firms
Unintended disclosure - sending bank account details or personal
information to the incorrect recipient - grew to 29% in H1 2017
from 25% in H1 2016, a level that has remained consistent since
2014. Hacks and malware were on a downward trend representing
37% of breaches in 1H 2017compared to 46% of breaches in H1
2016.
- Professional services on the wrong track
At first glance, professional services firms appear to have
greater internal controls in place with unintended breaches
accounting for 14% of all incidents, well below the average for the
period in question. However, the trend is tracking adversely,
up from 9% in H1 2016. Firms in the sector were not immune to
hacking and malware attacks, with these incidents accounting for
44% of breaches in the time period compared to 53% in 1H 2016.
Social engineering scams, including W2 fraud and requests for
fraudulent wire transfers, were a large driver of attacks at the
beginning of 2017.
Katherine Keefe, global head of BBR Services, said: “Unintended
breaches account for one-third of all data breach incidents
reported to Beazley and show no signs of abating. They are a
persistent threat and expose organizations to greater risks of
regulatory sanctions and financial penalties. Yet, they can be much
more easily controlled and mitigated than external threats.
We urge organizations not to ignore this significant risk and to
put more robust systems and procedures in place.”
Read the Beazley Breach Insights – July 2017 report
About Beazley Breach Response (BBR)
During the first half of 2017, Beazley Breach Response Services,
Beazley’s in-house team of breach response experts, managed 1,330
incidents on behalf of clients, compared to 955 incidents during
the same period 2016.
Beazley has helped clients handle more than 6,000 data breaches
since the launch of Beazley Breach Response in 2009 and is the only
insurer with a dedicated in-house team focusing exclusively on
helping clients handle data breaches. Beazley's BBR Services team
coordinates the expert forensic, legal, notification and credit
monitoring services that clients need to satisfy all legal
requirements and maintain customer confidence. In addition to
coordinating data breach response, BBR Services maintains and
develops Beazley's suite of risk management services, designed to
minimize the risk of a data breach occurring.
BZPR_08_01_2017
Note to editors:
Beazley plc (BEZ) is the parent company of specialist insurance
businesses with operations in Europe, the US, Canada, Latin
America, Asia, the Middle East and Australia. Beazley manages
six Lloyd’s syndicates and, in 2016, underwrote gross premiums
worldwide of $2,195.6 million. All Lloyd’s syndicates are rated A
by A.M. Best.
Beazley’s underwriters in the United States focus on writing a
range of specialist insurance products. In the admitted
market, coverage is provided by Beazley Insurance Company, Inc., an
A.M. Best A rated carrier licensed in all 50 states. In the
surplus lines market, coverage is provided by the Beazley
syndicates at Lloyd’s.
Beazley is a market leader in many of its chosen lines,
which include professional indemnity, property, marine,
reinsurance, accident and life, and political risks and contingency
business.
For more information please go to: www.beazley.com
Deborah Kostroun
Ketchum
+1 201-403-8185
deborah.kostroun@ketchumzito.com
Beazley (LSE:BEZ)
Historical Stock Chart
From Apr 2024 to May 2024
Beazley (LSE:BEZ)
Historical Stock Chart
From May 2023 to May 2024