This text was created in partnership with Cowbell.
As cyber threats develop in frequency and complexity, companies are dealing with mounting strain to ramp up their defenses. In keeping with Cowbell’s Cyber Roundup: Claims Report 2025, organizations are seeing a continued world rise in cyberattacks, each in quantity and class, largely pushed by AI-enhanced campaigns.
What’s extra, industry-wide information from the 2024 NAIC Cyber Insurance coverage Report revealed there’s been a report 33,561 reported cyber insurance coverage claims of late, indicating a gentle enhance in claims frequency. Regardless of this, Cowbell’s inner claims information paints a nuanced image: whereas common incident frequency has risen, ransomware claims have remained steady, constantly comprising 17–19% of all Cowbell claims between 2022 and 2024.
Talking to Insurance coverage Enterprise, Trent Cooksley, co-founder and chief working officer of Cowbell, revealed that within the face of this rising concern appearing preventatively somewhat than curatively is essential.
“Frequency is growing throughout the board,” Cooksley agreed. “[As such], employers must be fascinated by the downtime that they might expertise in the event that they expertise an assault. Longer occasions, which means you’ve got enterprise interruption, are a few of the greater issues that we’re seeing come into the market, in addition to lawsuits and sophistication actions – particularly within the US.
“Each group, no matter measurement, can undertake low and even no-budget protections that may dramatically cut back danger. Multi-Issue Authentication (MFA) – we speak about that on a regular basis and it’s wonderful how folks nonetheless do not leverage it and even worse, utilizing it however not configuring accurately. [It’s all about] worker coaching – as a result of, once more, phishing is getting extra advanced to interpret.”
Cyber insurance coverage as a device of resilience
And the information’s there to again Cooksley up. Cowbell’s report discovered that that phishing stays the commonest technique of assault initiation, typically serving because the entry level for extra extreme incidents similar to enterprise e-mail compromise (BEC), funds switch fraud, and ransomware. What’s extra, the FBI reported 193,000 complaints associated to phishing and spoofing in 2024, making these techniques essentially the most reported cybercrimes within the US.
As Cooksley instructed IB, preparation is important right here. The actual measure of success for organizations is having a plan in place earlier than an incident happens – so you are not simply “taking pictures within the air” and appearing reactively.
“Have a response plan. Individuals ought to know the way they’ll deal with these issues,” Cooksley careworn. “Our staff at Cowbell can assist policyholders with all of this.”
And there’s no scarcity of organized cybercrime teams on the market seeking to pry open your information. As per Cowbell’s report, there’s 5 ransomware teams behind practically 48% of incidents with identified menace actors:
- Akira (17.4%): Identified for double extortion, concentrating on mid-sized companies.
- Play (9.2%): Makes use of stealthy assaults with delayed execution, making detection more durable.
- LockBit (7.7%): Operates as a ransomware-as-a-service (RaaS) platform with world attain.
- Fog (7.2%): Exploits unpatched VPNs and e-mail techniques, indicating opportunistic and technical sophistication.
- RansomHub (6.2%): Focuses on information exfiltration and public leak threats.
With that in thoughts Cooksley, and his staff at Cowbell, believes cyber insurance coverage shouldn’t be seen merely as a post-incident security internet; it is also a real-time device for danger administration.
“A whole lot of small to medium-sized firms nonetheless do not buy it,” he instructed IB. “[But] it’s a vital monetary and operational security internet when an incident does happen. For us, nonetheless, the perfect carriers aren’t simply responding to breaches and paying them – we need to proactively assist policyholders construct their resilience.
“At Cowbell, we do this by means of complimentary or discounted companies similar to [cybersecurity awareness] coaching, darkish net monitoring, phishing simulations, pen testing, and having incident response hotlines. That’s the funding in cyber insurance coverage – simply as a lot as making a cost when one thing happens.”
Defenses towards supercharged cyber danger
Whereas foundational defenses are vital, Cooksley revealed that extra refined protections develop into important as firms develop or face elevated danger.
“The subsequent step after that’s extra superior cybersecurity measures,” he stated. “So if you happen to’re a company of measurement, that is when you actually need to start out fascinated by the way you’re rising or dealing with heightened danger and increasing past the fundamentals. That features managed detection and response, endpoint safety, penetration testing so you understand the place your weak factors are. Third-party assessments, vendor and provide chain danger evaluations – are you uncovered to particular distributors the place, if they’ve one thing, how is that going to affect your online business?”
Cowbell’s report actually agrees, with their researchers highlighting that this combat towards cybercrime requires an entire organizational shift. Right here, the report factors to a 4 step method;
- Strengthening incident response capabilities by means of expert negotiation and fast motion.
- Prioritizing cyber hygiene and patch administration to defend towards more and more focused assaults.
- Enhancing partnerships between companies and cyber insurers, guaranteeing help by means of each prevention and restoration phases.
- Investing in proactive instruments and danger monitoring, similar to Cowbell Components, to cut back publicity and enhance claims outcomes.
SMEs: The missed goal
All too typically, in relation to organizations investing in cyber insurance coverage, smaller firms are inclined to have a misplaced sense of safety. As a result of the media tends to solely print headlines round world cyberattacks, ransomware heists that value companies hundreds of thousands, SMEs assume ‘it is going to by no means occur to them’ – however how improper they’re.
“They most likely have extra gaps than they’re conscious of,” added Cooksley. “And a number of menace actors, whereas they might somewhat go after massive fish, aren’t all the time particularly concentrating on that. They’re taking a shotgun method – consider it as strolling down the road and burgling whoever’s door is unlocked.”
It’s this false sense of confidence that’s leaving SMEs ripe for the selecting. Information collated by Astra discovered that small companies account for 43% of cyberattacks yearly, costing SMEs a mean of $25,000 every. What’s extra, simply 14% of SMEs impacted have been really ready to face such an assault – and cash is simply a part of the loss.
“Should you’re small, it’s possible you’ll not have the resiliency to proceed shifting on,” added Cooksley. “Are you able to proceed working if you happen to’re hit with ransomware? I’d argue that there is many who can not. A misplaced consumer for a small enterprise is far more impactful than misplaced shoppers in actually massive organizations – they will face up to that somewhat bit extra. There’s additionally an extra expense to truly get to the restoration as a result of you do not have the capabilities in-house to do it. [Here], insurance coverage can assist bridge the hole offering safety in addition to offering the vital assets to get well rapidly after an assault.”
‘Cops and robbers’
As these assault develop into extra superior so too should the defenses – cyber insurance coverage should evolve in lockstep. And Cooksley affirmed that it’s.
“That is the age-old cops and robbers,” he instructed IB. “If the dangerous guys are going to develop extra sophistication, the nice guys are going to proceed to combat again and even be forward in a number of instances. [Here], extra organizations are leveraging AI to streamline processes, enhance pace and accuracy and supply proactive instruments to watch these threats.”
And for Cooksley, he was fast to emphasise the worth of cyber insurers’ ecosystem-wide view.
“We’re seeing the developments of the menace actors in actual time,” he stated. “I learn about explicit issues which are taking place within the ecosystem that we haven’t needed to take care of ourselves but -but I see that as a result of our companions have. What Cowbell was premised on was steady monitoring. It’s important to frequently be updated on the brand new exposures which are occurring and the brand new threats which are taking place.
“Our platform was constructed to soak up real-time data and never have or not it’s in your commonplace insurance coverage cycle that’s sometimes all the time wanting into the previous. At Cowbell, we’re attempting to look into the long run.”
