Fraudulent instruction as a form of cyber attack is on the rise, according to new data from specialty insurer Beazley.
The report includes data gathered between 2020 and Q3 of 2022, including cause of loss by industry, ransomware vectors, business email compromise, and data exfiltration. Beazley analysed these data points to reveal the current state of cyber risk.
According to the report, professional services firms experienced more fraudulent instruction and almost as many business email compromise incidents so far in 2022 as they did in the entirety of 2021. Claims caused by fraudulent instruction are rising this year despite an overall decline in incidents, Beazley said.
On the other hand, system infiltration overall is down this year due to a combination of factors, including better risk selection, improved security practices, and threat actor attention being focused elsewhere, Beazley said. This breathing room gives organisations time to get their cyber assets in order before a resurgence in attacks, Beazley said. The insurer said that organisations needed to be alert to the ways gaps in inventory could slow down detection and response capabilities, both on-premises and in the cloud.
“The past two years of pandemic-driven remote work have led to decreased interdepartmental communication and less oversight overall, making the likelihood that an organisation has an incomplete asset inventory greater than ever,” said Bala Larson, head of client experience at Beazley. “Good asset management is good governance, and as such, it needs to be built into business decision-making. Organisations that fail to do so inherently expose themselves to cyber breaches that result in higher costs and more liability.”