It's impossible to find a business today that isn't internet-connected or doesn't leverage technology to uplevel its operations and improve its efficiency in some way. While buying into our interconnected economy absolutely has its benefits, it also means that businesses increase their exposure to inherent cyber risks.

Inherent cyber risks stem from unpatched vulnerabilities in organizations' networks, outdated software, and even direct attacks like phishing attempts in employees' inboxes. And these risks evolve over time—as companies take steps to reduce these exposures, threat actors adapt their techniques.

In the first half of 2023, the overall rate of cyber claims increased, as did the severity of these claims, with an average loss amount of more than $115,000 per claim, according to Coalition's “2023 Cyber Claims Report: Mid-Year Update." Now, more than ever, it's vital that insurance agents and brokers keep pace with the fluctuating threat landscape to effectively support policyholders, especially small businesses.

Agents and brokers have the opportunity to educate their clients on the importance of working with insurers who understand cyber risk and offer services to help mitigate that risk. Here are some key trends to watch for as we close out 2023 and look ahead to 2024: 

1) The agent and broker role evolves alongside cyber claims trends. Businesses are getting hit harder and more often with cyberattacks. Cyber insurance claims frequency rose by 12% in the first half of 2023 from the second half of 2022, according to Coalition's mid-year 2023 report. Both claims frequency and severity rose across businesses in all revenue bands. Companies with over $100 million in revenue saw the largest increase in the number of claims at 20%, as well as more substantial losses: a 72% increase in claims severity.

When there are significant changes in claims trends, it can make agents' and brokers' jobs more difficult. On a single account, there may be three quotes for the same risk, with extreme differences in coverage, pricing and security requirements—resulting in more time spent investigating the differences in coverage, balancing the tradeoffs between quote options, guiding clients through contingencies, and then closing the bind.

That said, agents and brokers can use changes in the cyber risk landscape to their advantage. Mandatory security controls can be an opportunity to promote good cyber hygiene, encourage better risk management decisions, and help clients understand the financial impact of their decisions.

2) As ransomware grows, threat actors demand more money. Ransomware claims severity increased 61% to an average loss of more than $365,000, according to the Coalition report. Amid the spike in activity, there have also been increases in ransom demands. The average ransom demand in the first half of 2023 was $1.62 million, a 47% increase over the previous six months and a 74% increase over the past year.

As ransomware attack frequency and severity have increased, Coalition has also observed threat actors getting savvier in their attacks. Cyberattackers are finding new and different ways to infiltrate and gain access to private data. And no business is immune, as demonstrated by the recent high-profile attacks on MGM and Clorox.

However, the situation isn't all bleak. The best avenue to ensure businesses are secure is to minimize their risk from the onset. Agents and brokers can help their clients take the necessary steps to prevent digital risk before it strikes by encouraging them to protect their sensitive data. This means maintaining strong backups and keeping those backups offline from the primary network so the business can quickly restore data in the event of a cyber incident.

3) Look for a road to recovery from funds transfer fraud (FTF). FTF claims severity increased 39% to an average loss of more than $279,000, according to Coalition's report. As threat actors become more patient and harder to detect, it becomes even more important for policyholders to partner with an insurer that will act quickly to secure sensitive information and recover stolen funds.

No policy on the market will cover a seven-figure wire transfer loss, so choosing a cyber insurance provider that prioritizes recovery is the best choice for a business. In this case, the provider will work to get as much money back to the policyholder while also paying out whatever is covered by their policy.

Also, businesses rarely change their bank accounts, so alarm bells should ring whenever a vendor wants to “update" its banking information. Agents and brokers should advise their clients to always call a trusted contact at the company to verify the change before sending any money.

Finally, agents and brokers should remind their clients to keep a close eye on all money transfers and to notify their insurer if they see something suspicious; that way, the odds of recovering some or all of the funds are much higher.

4) Don't forget about third-party vendors. Business email compromise (BEC) and FTF continue to drive cyber insurance claims, and both typically begin with poor email security—a third-party vendor risk. As brokers help their clients search for coverage, it's a good opportunity to encourage clients to review their vendors and their security features, as well as research their past exposures to cyber risk.

By starting discussions about the vendors a policyholder uses, agents and brokers can better explain the additional risks a company might incur and how those risks will likely affect their cyber premium. The best risk advisor is the one who is prepared with data to help inform their clients' decisions.

Chris Hendricks is head of Coalition incident response.