General Insurance Article - Cybers sleeper threat business email compromise


While the cyber insurance market may categorize business email compromise (BEC) claims as more attritional and frequency-driven, a new report from Guy Carpenter, sheds light on the potentially devastating financial consequences of this often-overlooked threat.

 The report, Cyber's Sleeper Threat: Business Email Compromise, was published in conjunction with Marsh McLennan’s Cyber Risk Intelligence Center and investigates the threat and impact of BEC attacks – sophisticated forms of phishing that exploit human vulnerabilities rather than technical weaknesses. In these scenarios, attackers impersonate trusted entities to deceive employees into transferring funds, making it difficult for traditional security measures to detect and mitigate the risk effectively.

 An analysis of Marsh’s proprietary claims database over the last five years found more than 550 successful BEC events impacting Marsh clients with either a cyber or crime insurance policy in place. Of these events for which loss data is available, the report reveals the greatest number have a loss around 0.1% of the company revenue. For a company with $1 billion in revenue that amounts to a $1 million loss.

 Despite the considerable financial threat, commercially available cyber vendor models have mixed approaches as to whether BEC claims should be accounted for in their catastrophe event catalogue, the report says. The report found that only one industry-leading vendor has incorporated BEC as an explicit cyber peril into its models.

 “Cyber threats such as ransomware attacks, zero-day vulnerability exploits, and cloud service provider outages dominate the headlines. The consequences of a successful BEC attack, however, can also be devastating for an organization and create large losses for cyber (re)insurers,” said Erica Davis, global co-head of cyber, Guy Carpenter. “By driving awareness of the right cybersecurity measures, we can collectively improve the resilience of organizations against BEC threats and mitigate its impact on underwriting profitability.”

 You can access the full report here
  

Back to Index


Similar News to this Story

Data reveals only 7% of properties are insured correctly
According to data collected from more than 43,000 comprehensive property assessments, only a worrying 7% of UK properties are insured accurately, with
Heathrow cyber attack shows the need for cyber insurance
Heathrow cyber-attack highlights need for parametric and preventive cyber insurance. Major European airports, including Heathrow, Dublin, and Brussels
Road casualty statistics 2024
1,602 people were killed on Britain’s roads last year Young drivers and their passengers remain disproportionately at risk when compared to other dri

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.