<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

Corvus Insurance Reports the Ratio of Ransoms Demanded to Ransoms Paid is Steadily Declining

Inaugural Corvus Risk Insights Index™ found that ransomware payments shrank from 44% in Q3 2020 to 12% by Q3 2021 due to improved backup processes and greater preparedness

Corvus Releases Inaugural Risk Insights Index™

BOSTON (October 21, 2021) -- Corvus Insurance, the leading provider of smart commercial insurance products powered by AI-driven risk data, today released findings from its inaugural Corvus Risk Insights Index™, a compilation of industry trends and data analysis based on the company’s proprietary IT security scanning technology, the Corvus Scan, as well as other first- and third-party data sources. The report provides an inside look at the insights and tools used by risk managers, IT departments, security researchers, and solution providers to hone their offerings and approaches to keeping organizations safe from evolving cyber threats.

“By tapping into the advanced capabilities of our IT scanning technology, we’re proud to share actionable data to increase awareness around the current state of cyber risk technology and help eliminate the impact of adverse events — especially as we approach the end of a pivotal year,” said Madhu Tadikonda, President of Corvus Insurance. “We hope this report will spark new cybersecurity innovation and spread awareness on how lower-effort, high-impact measures can make a significant difference in any organization’s risk.”

This edition of the Corvus Risk Insights Index™ focuses specifically on Cyber and Technology E&O (Errors and Omissions) risk and is broken down into four sections, including: litigation risk, cyber risk technologies, ransomware, and cyber vulnerability. All sections include contextual background on how foundational security methods can impact cybersecurity posture across organizations, pointing to how key indicators have fluctuated throughout the past few years.

Ransomware Claims and Costs

Ransomware has quickly become a dominant force in cyber risk, but its proliferation and the range in demands across various industries has continued to fluctuate.

  • Corvus recognized a rise in ransomware claims from Q2 2020 through Q1 2021 (0.25% to 0.58% increase in frequency), but then experienced a drop by 50% in Q2 2021 that largely sustained through Q3 2021.

While the reduced frequency is believed to be attributed to the shutdown of prolific ransomware groups Darkside and REvil during Q2 2021, the costs associated with a ransomware claim have continued to shift as recovery remains top of mind for businesses.

  • Breach response costs (for assistance in legal, forensics and recovery efforts) increased from 29% to 52% of overall claim costs while business interruption costs shrunk as a percentage.

  • Ransomware claims resulting in a ransom payment shrank from 44% in Q3 2020 to just 12% by Q3 2021.

This decrease in demand-to-pay ratio is likely due to improved preparedness and resiliency on the part of policyholders and their backups, allowing for breach response professionals to handle ransomware situations more efficiently and get companies back online faster.

Overall, ransomware attacks remain costly as the average cost for 2021 remains steady at $142,000 — almost identical to the previous year’s average. While there was a spike in the average cost of a ransomware attack in Q3 2021, which may appear to show a gain for threat actors, the average is composed of fewer overall attacks, and fewer attacks where any ransom was paid.

Litigation Risks for Tech Vendors

For technology vendors, a cyberattack or other outage linked to their products or services can result in major costs from defending lawsuits brought by customers who suffered outages or lost data as a result of the incident — and that is on top of any first-party remediation and recovery efforts.

  • A company with 250 or more employees is 216% more likely to sue their tech vendor than a company with 10 or fewer employees, and twice as likely as a company with 11-50 employees.

  • Media companies (publishers, TV networks, etc.) and metals manufacturers are 50% more likely to sue their technology vendors than the average business, while insurers are around 20% more likely.

Post-COVID Security & IT Trends

COVID-19 ignited rapid shifts in technology usage as remote work became more prevalent, and Corvus’s proprietary scan provided data to analyze trends from two major IT security measures: accessible remote desktop protocol (RDP) and email security.

  • After RDP became widely classified as an attack vector in 2020, its presence in IT systems dropped by 50% in 2021.

Email phishing continues to be a popular launching pad for cyber crimes against businesses, but fortunately there are a number of cloud-based security tools that can be implemented to thwart these threats.

  • Corvus recognized a 2.5x (158%) lift in the usage of email security software across all industries, contributing to the reduction of these widespread threats.

“Over the past few years, the cybersecurity landscape has completely erupted with sophisticated forms of cyber attacks, creating many challenges for today’s security professionals,” said Phil Edmundson, Founder and CEO of Corvus Insurance. “This report provides the analysis needed to empower organizations to continue enhancing their offerings and keep our world safe from destructive threat actors.”

You can access the full Corvus Risk Insight Index here. To learn more about Corvus, please visit https://www.corvusinsurance.com.

View the original press release on BusinessWire.

About Corvus Insurance

Corvus Insurance, a wholly owned subsidiary of The Travelers Companies, Inc., is building a safer world through insurance products that help to reduce cyber risk for policyholders. Corvus Insurance's Smart Cyber Insurance® and Smart Tech E+O® products include broad coverage, in-house claims handling, and risk prevention services that help prevent cyberattacks through threat alerts for policyholders and the partnership of our in-house cybersecurity experts. 

Corvus Insurance offers insurance products in the U.S., Middle East, Europe, Canada, and Australia. Corvus Insurance, Corvus London Markets, and Corvus Germany are the marketing names used to refer to Corvus Insurance Agency, LLC; Corvus Agency Limited; and Corvus Underwriting GmbH. All entities are subsidiaries of Corvus Insurance Holdings, Inc. For more information, visit corvusinsurance.com.

Recent Articles

Global Ransomware Attacks, Demands and Payments Rose in Second Quarter According to Corvus Insurance Cyber Threat Report


Q2 2024 Sets Record for Second Most Global Ransomware Attacks in a Quarter, Average Ransom Demand Soars by 102%. Keep reading to learn more.

Corvus Insurance Doubles Underwriting Offering, Expands Small Business Cyber Offering


Full transition to Travelers Excess and Surplus Lines paper completed.

Q1 2024 Sets Record for Most Global Ransomware Attacks in a First Quarter: New Corvus Insurance Ransomware Report


An unprecedented 18 new ransomware leak sites emerged over Q1 2024. Learn more about recent ransomware trends and activity in our press release.