Corvus Insurance

Corvus Insurance today released its Q3 2024 Cyber Threat Report, which showed that attackers leveraging virtual private network vulnerabilities and weak passwords for initial access contributed to nearly 30% of ransomware attacks. According to the Q3 report, many of these incidents were traced to outdated software or VPN accounts with inadequate protection. “Attackers are focused on finding the path of least resistance into a business to launch an attack, and in Q3 that entry point was the VPN,” said Jason Rebholz, Chief Information Security Officer at Corvus. “As we look forward, businesses must strengthen defenses with multi-layered security approaches that extend beyond MFA. Today, MFA is mere table stakes and must be complemented with secure access controls capable of shoring up these current and future areas of vulnerability.” Learn more: https://lnkd.in/gU_w6vng #ransomware #cyberinsurance

Corvus dedicated the month of October to volunteering for causes related to homelessness and food insecurity. Our Boston area team had the opportunity to prepare and serve lunches at local homeless shelters Rosie's Place and St. Francis House. #cyberinsurance #saferworld #Thanksgiving

Today at the PLUS Conference, Corvus CISO, Jason Rebholz, joins Travelers' Vice President Claims, Bond & Specialty Insurance, Bob Flowers, and the FBI's Jaykumar Patel, for a panel on the current and future threat of deepfakes. The panel will demonstrate the current state of how AI and other technology advances are enabling threat actors to commit cybercrimes and social engineering frauds. #plusconference #deepfakes #cybersecurity #cyberinsurance

Ransomware attacks are becoming more frequent and severe, with ransom demands reaching a near two-year high in Q2, surpassing 2022 levels. Organizations without strong backup systems are 2.38 times more likely to pay ransoms, as ransomware encrypts their data and leaves them with no alternatives. However, companies with robust backup strategies, like immutable backups and the "3-2-1" method (storing data copies in segregated locations), fare much better. These organizations have 72% lower claim costs, as they can restore data from backups and avoid the expensive decryption process. Learn the latest in ransomware news from our threat intel team so you can educate your clients on what to look out for and how to protect themselves: https://lnkd.in/g_Ch84XB #Ransomware #CyberInsurance

??Live Webinar Alert?? In Q3 2024, ransomware activity remained persistently high, in part thanks to the proliferation of different ransomware groups. Join Corvus CISO, Jason Rebholz, and Threat Intelligence Manager, Ryan Bell, for a live webinar as they explore the growing ransomware threat landscape, where a small number of groups—such as RansomHub, PLAY, and LockBit 3.0—are still responsible for the majority of attacks, but new entrants are continuing to make for a diverse and fast-changing set of threat actors, keeping security professionals and researchers busy. Register today: https://lnkd.in/e6av8YPS #cybersecurity #ransomware #cyberinsurance

Heading to Zywave's Cyber Risk Insights Conference in NYC this week? Don't miss Corvus' SVP of Risk Advisory, Lauren Winchester, on the "Long Tail of Litigation" panel. The panel will offer an overview of recent decisions that illuminate the legal landscape for cyber, as well as highlight cases to watch in the near future. #CyberRiskNYC24

Following a typical slowdown in Q1, ransomware activity surged in Q2, impacting multiple industries, with construction taking the top spot and new sectors like government and oil and gas seeing increased attacks. The IT Services and Software Development sectors also experienced a notable rise in incidents, representing a "systemic risk" due to the potential ripple effects on their clients. Even smaller IT firms, if breached, can lead to widespread operational disruptions, underscoring the critical vulnerability of these industries. Read our full ransomware report for insights into the current threat landscape and how it impacts specific industries: https://lnkd.in/g_Ch84XB #Ransomware #CyberInsurance #CybersecurityAwarenessMonth

?? When it comes time to make the call on where to really invest in security tools and cyber mitigation solutions — how do you know what will best protect not only your IT systems, but also your customers? Based on our Risk Advisors' experience working with technology and professional services firms, we’ve highlighted some go-to, defensive cybersecurity solutions for covering your security bases: https://lnkd.in/ehfyWjhu #CyberInsurance #CybersecurityTools #CybersecurityAwarenessMonth

Cyber is a newer risk that exists behind screens, not wet floor signs. So, with limited budgets, it’s often the first coverage to be deprioritized. But no one is immune from experiencing cybercrime. Help your clients understand why cyber is essential: https://lnkd.in/gbisQfDW #Cybercrime #CyberInsurance #LiabilityInsurance

?? Years of security awareness training have prepared your clients to spot red flags when they land in your inbox. Misspelled URL? Phishing! Urgent ask? Not good! Suspicious attachments? Alert IT! But what if your client's CFO and colleagues on a video call told you the message was legitimate, despite the warning signs? A recent phishing scam played out just like this. In our blog post, we’ll explore what happened, share how your clients can prevent it, and hopefully convince them that, yes, they will be able to be trusted again (within reason): https://lnkd.in/gKQGVVvn #Phishing #Cybersecurity #CybersecurityAwarenessMonth