Cyber insurance insights: Often simple precautions are missing

8. October, 2020

Cybersecurity not only employs IT service providers and companies, but also increasingly the insurance industry. While security providers focus on the technical side, insurance companies mainly offer financial risk transfer.

Evaluation of damage cases with SMB

Cyber insurance provider Coalition published extensive findings from the incidents of its customers in the first half of 2020.[1] The data is mainly based on small and medium-sized companies from the USA and Canada. It shows interesting insights and trends – for example, that companies of all industries and sizes are affected. Attacks appear to be widespread and incidents can be expected anywhere and at any time.

COVID-19 as a booster and „door opener“

Good news first: The home office wave has only led to a limited increase in attacks. The bad news: The attacks were much more successful – due to the new circumstances.

The study also reveals significant differences between the platforms used. For example, companies using Microsoft Office reported security incidents three times more frequently than Gmail users. In terms of malware classes, ransomware continued to lead the way with more than 40%.

Many events of damage avoidable

A key finding concerns the status and maturity of security measures in companies. The full scope of cybersecurity still seems to have not yet been sufficiently addressed by those responsible in small and medium-sized companies. Often the simplest and most fundamental precautions are not implemented or only in fragments. Many malfunctions and losses could have been avoided very easily. These two simple best-practice methods help effectively and can be implemented at low cost:

  • Regular, up-to-date and unalterable offline backups to protect the most important systems and data from ransomware attacks
  • Multi-factor authentication to significantly reduce the loss and misuse of user identities

Insurance can – to a limited extent – compensate for financial losses, but the full extent of successful cyber attacks is never completely reversible. Damaged reputations and lost contracts often have a delayed impact on business.

For secure operations, companies therefore need to be aware of the real risks of cyber attacks on the one hand, and on the other hand they need to comply with basic precautions at the technical level.


Working safely from home

Three years after NotPetya: 5 tips for your business


Account Management
Indicators of Attack
Gefahren durch vertrauenswürdige Services
Threat Intelligence
SQL Injection
SMTP Smuggling
Cyber-Risiken in der Ferienzeit
Dynamische Cybersicherheit
Harmony Mobile by Check Point
EU Machinery Regulation
Sergejs Harlamovs, Malware-Analyst bei IKARUS

Plugin IdaClu accelerates malware analysis

IdaClu: IKARUS malware analyst Sergejs Harlamovs wins Hex-Rays plugin contest


IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 (0) 1 58995-0
Sales Hotline:
+43 (0) 1 58995-500


Support hotline:
+43 (0) 1 58995-400

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm

Remote maintenance software:
AnyDesk Download