This text was created in partnership with Cowbell.
As cyber threats develop in frequency and complexity, companies are going through mounting stress to ramp up their defenses. In keeping with Cowbell’s Cyber Roundup: Claims Report 2025, organizations are seeing a continued international rise in cyberattacks, each in quantity and class, largely pushed by AI-enhanced campaigns.
What’s extra, industry-wide information from the 2024 NAIC Cyber Insurance coverage Report revealed there’s been a report 33,561 reported cyber insurance coverage claims of late, indicating a gradual enhance in claims frequency. Regardless of this, Cowbell’s inner claims information paints a nuanced image: whereas common incident frequency has risen, ransomware claims have remained secure, constantly comprising 17–19% of all Cowbell claims between 2022 and 2024.
Chatting with Insurance coverage Enterprise, Trent Cooksley, co-founder and chief working officer of Cowbell, revealed that within the face of this rising concern performing preventatively fairly than curatively is essential.
“Frequency is rising throughout the board,” Cooksley agreed. “[As such], employers must be desirous about the downtime that they may expertise in the event that they expertise an assault. Longer occasions, that means you may have enterprise interruption, are a number of the larger issues that we’re seeing come into the market, in addition to lawsuits and sophistication actions – particularly within the US.
“Each group, no matter measurement, can undertake low and even no-budget protections that may dramatically cut back threat. Multi-Issue Authentication (MFA) – we discuss that on a regular basis and it’s wonderful how individuals nonetheless do not leverage it and even worse, utilizing it however not configuring accurately. [It’s all about] worker coaching – as a result of, once more, phishing is getting extra advanced to interpret.”
Cyber insurance coverage as a software of resilience
And the information’s there to again Cooksley up. Cowbell’s report discovered that that phishing stays the commonest methodology of assault initiation, typically serving because the entry level for extra extreme incidents similar to enterprise electronic mail compromise (BEC), funds switch fraud, and ransomware. What’s extra, the FBI reported 193,000 complaints associated to phishing and spoofing in 2024, making these ways essentially the most reported cybercrimes within the US.
As Cooksley instructed IB, preparation is important right here. The true measure of success for organizations is having a plan in place earlier than an incident happens – so you are not simply “capturing within the air” and performing reactively.
“Have a response plan. Individuals ought to know the way they will deal with these issues,” Cooksley burdened. “Our workforce at Cowbell might help policyholders with all of this.”
And there’s no scarcity of organized cybercrime teams on the market seeking to pry open your information. As per Cowbell’s report, there’s 5 ransomware teams behind almost 48% of incidents with identified risk actors:
- Akira (17.4%): Identified for double extortion, concentrating on mid-sized companies.
- Play (9.2%): Makes use of stealthy assaults with delayed execution, making detection tougher.
- LockBit (7.7%): Operates as a ransomware-as-a-service (RaaS) platform with international attain.
- Fog (7.2%): Exploits unpatched VPNs and electronic mail programs, indicating opportunistic and technical sophistication.
- RansomHub (6.2%): Focuses on information exfiltration and public leak threats.
With that in thoughts Cooksley, and his workforce at Cowbell, believes cyber insurance coverage shouldn’t be seen merely as a post-incident security internet; it is also a real-time software for threat administration.
“A number of small to medium-sized firms nonetheless do not buy it,” he instructed IB. “[But] it’s a crucial monetary and operational security internet when an incident does happen. For us, nonetheless, one of the best carriers aren’t simply responding to breaches and paying them – we need to proactively assist policyholders construct their resilience.
“At Cowbell, we try this by means of complimentary or discounted companies similar to [cybersecurity awareness] coaching, darkish net monitoring, phishing simulations, pen testing, and having incident response hotlines. That’s the funding in cyber insurance coverage – simply as a lot as making a fee when one thing happens.”
Defenses towards supercharged cyber threat
Whereas foundational defenses are crucial, Cooksley revealed that extra subtle protections turn out to be important as firms develop or face elevated threat.
“The following step after that’s extra superior cybersecurity measures,” he stated. “So when you’re a company of measurement, that is when you really want to begin desirous about the way you’re rising or going through heightened threat and increasing past the fundamentals. That features managed detection and response, endpoint safety, penetration testing so you realize the place your weak factors are. Third-party assessments, vendor and provide chain threat evaluations – are you uncovered to particular distributors the place, if they’ve one thing, how is that going to influence your corporation?”
Cowbell’s report actually agrees, with their researchers highlighting that this battle towards cybercrime requires a complete organizational shift. Right here, the report factors to a 4 step strategy;
- Strengthening incident response capabilities by means of expert negotiation and fast motion.
- Prioritizing cyber hygiene and patch administration to defend towards more and more focused assaults.
- Enhancing partnerships between companies and cyber insurers, making certain help by means of each prevention and restoration phases.
- Investing in proactive instruments and threat monitoring, similar to Cowbell Elements, to scale back publicity and enhance claims outcomes.
SMEs: The neglected goal
All too typically, with regards to organizations investing in cyber insurance coverage, smaller firms are inclined to have a misplaced sense of safety. As a result of the media tends to solely print headlines round international cyberattacks, ransomware heists that value companies hundreds of thousands, SMEs assume ‘it’ll by no means occur to them’ – however how unsuitable they’re.
“They most likely have extra gaps than they’re conscious of,” added Cooksley. “And plenty of risk actors, whereas they might fairly go after giant fish, aren’t at all times particularly concentrating on that. They’re taking a shotgun strategy – consider it as strolling down the road and burgling whoever’s door is unlocked.”
It’s this false sense of confidence that’s leaving SMEs ripe for the choosing. Information collated by Astra discovered that small companies account for 43% of cyberattacks yearly, costing SMEs a mean of $25,000 every. What’s extra, simply 14% of SMEs impacted have been really ready to face such an assault – and cash is simply a part of the loss.
“For those who’re small, you might not have the resiliency to proceed shifting on,” added Cooksley. “Are you able to proceed working when you’re hit with ransomware? I might argue that there is many who can not. A misplaced shopper for a small enterprise is rather more impactful than misplaced purchasers in actually giant organizations – they will stand up to that a bit of bit extra. There’s additionally an extra expense to truly get to the restoration as a result of you do not have the capabilities in-house to do it. [Here], insurance coverage might help bridge the hole offering safety in addition to offering the crucial assets to recuperate shortly after an assault.”
‘Cops and robbers’
As these assault turn out to be extra superior so too should the defenses – cyber insurance coverage should evolve in lockstep. And Cooksley affirmed that it’s.
“That is the age-old cops and robbers,” he instructed IB. “If the unhealthy guys are going to develop extra sophistication, the great guys are going to proceed to battle again and even be forward in plenty of circumstances. [Here], extra organizations are leveraging AI to streamline processes, enhance velocity and accuracy and provide proactive instruments to observe these threats.”
And for Cooksley, he was fast to emphasise the worth of cyber insurers’ ecosystem-wide view.
“We’re seeing the developments of the risk actors in actual time,” he stated. “I learn about explicit issues which can be taking place within the ecosystem that we haven’t needed to cope with ourselves but -but I see that as a result of our companions have. What Cowbell was premised on was steady monitoring. It’s important to regularly be updated on the brand new exposures which can be occurring and the brand new threats which can be taking place.
“Our platform was constructed to soak up real-time info and never have it’s in your customary insurance coverage cycle that’s sometimes at all times trying into the previous. At Cowbell, we’re attempting to look into the longer term.”
