Haute Cyber: Strutting Attackers, 2024 – Greater Sophistication, No Mercy

Ransomware attacks are becoming more sophisticated, with cyber criminals now using tactics such as stealing data and blocking access to it. This “double extortion” method forces companies to pay the ransom in order to regain access to their data. Phishing attacks are also growing more advanced due to the increased use of generative AI. Cyber criminals are now able to manipulate email communications in a much more realistic way, making it harder for people to distinguish between legitimate and malicious messages. With cyber attacks becoming more sophisticated, companies need to move away from simply having a cybersecurity plan in place and invest more heavily in incident detection and response. This will be vital in helping them recover from cyber incidents quickly, thereby reducing business interruption losses. Collaboration between cyber insurance companies and their insureds will also be critical in 2024. Insureds often fail to realize the support they can receive from their insurers, while insurers need to work on better understanding their insureds’ business operations so they can provide appropriate coverage. Context is key in cyber insurance, as the specific operations and regulatory requirements of a company can greatly affect the potential impact of a cyber attack. Rather than relying on generalized questionnaires, insurers should have tailored conversations with insureds about their cybersecurity strategies. By doing so, insurers can gain a better understanding of the risks involved and offer more effective coverage.