ACE Provides Roadmap of Cyber Risk Evolution

May 7, 2015

Cyber attacks and data breach triggers are changing as are the risk management strategies to address them, according to ACE Group.

The company released the changes and their impact on forensics costs.

“Our claims and underwriting data demonstrates that the very nature of risk is changing, and this shift is having a material impact on the costs associated with investigating and addressing incidents once they occur,” said Matthew Prevost, vice president, ACE Professional Risk. “When it comes to cyber risk, it is not a question of if or when, but how – how can an organization proactively prepare for and then quickly respond to cyber related breaches and interruptions?”

ACE has handled data breach incidents and underwritten exposures for policyholders for more than 15 years and has cataloged a considerable amount of loss data. A careful analysis of the proprietary data offers several key insights, including:

  • A breakdown of the most prevalent data breach triggers, which shows that hacking may capture the headlines, but it’s only part of the problem.
  • The direct correlation between how triggers are changing and escalating forensics costs.

According to ACE, the 7 main data breach triggers are:

ACE found that 70 percent of devices lost or stolen were laptops, 28 percent were memory devices and 2 percent were smartphones.

The company found that 11 percent of all cyber claims involved a liability lawsuit.

Investigation into complex attacks and malware incidents are causing forensics costs to rise, the result of increasing criminal activity. The average cost to investigate a breach has escalated from 18.6 percent in 2009 to 28 percent in 2014.

Source: ACE