This text was created in partnership with Cowbell.
As cyber threats develop in frequency and complexity, companies are going through mounting strain to ramp up their defenses. In line with Cowbell’s Cyber Roundup: Claims Report 2025, organizations are seeing a continued world rise in cyberattacks, each in quantity and class, largely pushed by AI-enhanced campaigns.
What’s extra, industry-wide information from the 2024 NAIC Cyber Insurance coverage Report revealed there’s been a file 33,561 reported cyber insurance coverage claims of late, indicating a gentle enhance in claims frequency. Regardless of this, Cowbell’s inner claims information paints a nuanced image: whereas common incident frequency has risen, ransomware claims have remained secure, persistently comprising 17–19% of all Cowbell claims between 2022 and 2024.
Chatting with Insurance coverage EnterpriseTrent Cooksley, co-founder and chief working officer of Cowbell, revealed that within the face of this rising concern performing preventatively somewhat than curatively is essential.
“Frequency is growing throughout the board,” Cooksley agreed. “(As such), employers must be fascinated about the downtime that they might expertise in the event that they expertise an assault. Longer occasions, which means you may have enterprise interruption, are among the larger issues that we’re seeing come into the market, in addition to lawsuits and sophistication actions – particularly within the US.
“Each group, no matter measurement, can undertake low and even no-budget protections that may dramatically cut back threat. Multi-Issue Authentication (MFA) – we discuss that on a regular basis and it’s superb how individuals nonetheless do not leverage it and even worse, utilizing it however not configuring accurately. (It’s all about) worker coaching – as a result of, once more, phishing is getting extra complicated to interpret.”
Cyber insurance coverage as a instrument of resilience
And the information’s there to again Cooksley up. Cowbell’s report discovered that that phishing stays the commonest methodology of assault initiation, typically serving because the entry level for extra extreme incidents resembling enterprise e-mail compromise (BEC), funds switch fraud, and ransomware. What’s extra, the FBI reported 193,000 complaints associated to phishing and spoofing in 2024, making these techniques probably the most reported cybercrimes within the US.
As Cooksley informed IBpreparation is crucial right here. The true measure of success for organizations is having a plan in place earlier than an incident happens – so you are not simply “taking pictures within the air” and performing reactively.
“Have a response plan. Folks ought to know the way they will handle these issues,” Cooksley harassed. “Our group at Cowbell will help policyholders with all of this.”
And there’s no scarcity of organized cybercrime teams on the market seeking to pry open your information. As per Cowbell’s report, there’s 5 ransomware teams behind practically 48% of incidents with identified menace actors:
- Akira (17.4%): Recognized for double extortion, concentrating on mid-sized companies.
- Play (9.2%): Makes use of stealthy assaults with delayed execution, making detection tougher.
- LockBit (7.7%): Operates as a ransomware-as-a-service (RaaS) platform with world attain.
- Fog (7.2%): Exploits unpatched VPNs and e-mail methods, indicating opportunistic and technical sophistication.
- RansomHub (6.2%): Focuses on information exfiltration and public leak threats.
With that in thoughts Cooksley, and his group at Cowbell, believes cyber insurance coverage shouldn’t be considered merely as a post-incident security web; it is also a real-time instrument for threat administration.
“Plenty of small to medium-sized firms nonetheless do not buy it,” he informed IB. “(However) it’s a vital monetary and operational security web when an incident does happen. For us, nonetheless, the perfect carriers aren’t simply responding to breaches and paying them – we need to proactively assist policyholders construct their resilience.
“At Cowbell, we try this by way of complimentary or discounted companies resembling (cybersecurity consciousness) coaching, darkish net monitoring, phishing simulations, pen testing, and having incident response hotlines. That’s the funding in cyber insurance coverage – simply as a lot as making a fee when one thing happens.”
Defenses towards supercharged cyber threat
Whereas foundational defenses are vital, Cooksley revealed that extra subtle protections turn out to be important as firms develop or face elevated threat.
“The following step after that’s extra superior cybersecurity measures,” he stated. “So in case you’re a corporation of measurement, that is when you really want to begin fascinated about the way you’re rising or going through heightened threat and increasing past the fundamentals. That features managed detection and response, endpoint safety, penetration testing so the place your weak factors are. Third-party assessments, vendor and provide chain threat evaluations – are you uncovered to particular distributors the place, if they’ve one thing, how is that going to impression your corporation?”
Cowbell’s report definitely agrees, with their researchers highlighting that this battle towards cybercrime requires a complete organizational shift. Right here, the report factors to a 4 step strategy;
- Strengthening incident response capabilities by way of expert negotiation and speedy motion.
- Prioritizing cyber hygiene and patch administration to defend towards more and more focused assaults.
- Enhancing partnerships between companies and cyber insurers, guaranteeing help by way of each prevention and restoration phases.
- Investing in proactive instruments and threat monitoring, resembling Cowbell Elements, to cut back publicity and enhance claims outcomes.
SMEs: The missed goal
All too typically, relating to organizations investing in cyber insurance coverage, smaller firms are likely to have a misplaced sense of safety. As a result of the media tends to solely print headlines round world cyberattacks, ransomware heists that price firms tens of millions, SMEs assume ‘it can by no means occur to them’ – however how mistaken they’re.
“They most likely have extra gaps than they’re conscious of,” added Cooksley. “And numerous menace actors, whereas they’d somewhat go after massive fish, aren’t all the time particularly concentrating on that. They’re taking a shotgun strategy – consider it as strolling down the road and burgling whoever’s door is unlocked.”
It’s this false sense of confidence that’s leaving SMEs ripe for the selecting. Information collated by Astra discovered that small companies account for 43% of cyberattacks yearly, costing SMEs a mean of $25,000 every. What’s extra, simply 14% of SMEs impacted have been really ready to face such an assault – and cash is simply a part of the loss.
“If you happen to’re small, you might not have the resiliency to proceed shifting on,” added Cooksley. “Are you able to proceed working in case you’re hit with ransomware? I’d argue that there is many who can not. A misplaced shopper for a small enterprise is way more impactful than misplaced shoppers in actually massive organizations – they will face up to that somewhat bit extra. There’s additionally an extra expense to really get to the restoration as a result of you do not have the capabilities in-house to do it. (Right here), insurance coverage will help bridge the hole offering safety in addition to offering the vital assets to get well rapidly after an assault.”
‘Cops and robbers’
As these assault turn out to be extra superior so too should the defenses – cyber insurance coverage should evolve in lockstep. And Cooksley affirmed that it’s.
“That is the age-old cops and robbers,” he informed IB. “If the dangerous guys are going to develop extra sophistication, the great guys are going to proceed to battle again and even be forward in numerous instances. (Right here), extra organizations are leveraging AI to streamline processes, enhance velocity and accuracy and provide proactive instruments to watch these threats.”
And for Cooksley, he was fast to emphasise the worth of cyber insurers’ ecosystem-wide view.
“We’re seeing the developments of the menace actors in actual time,” he stated. “I find out about specific issues which are taking place within the ecosystem that we haven’t needed to cope with ourselves but -but I see that as a result of our companions have. What Cowbell was premised on was steady monitoring. You need to regularly be updated on the brand new exposures which are occurring and the brand new threats which are taking place.
“Our platform was constructed to absorb real-time data and never have it’s in your customary insurance coverage cycle that’s usually all the time trying into the previous. At Cowbell, we’re making an attempt to look into the long run.”
