Just released: How to raise venture capital in 2023


Cybersecurity Awareness Month 2022 — Data, Data, Goose!


Key Takeaways

Do hackers and cybercriminals target their victims as sophisticatedly as they execute their attacks? Or does it all go down like a game of Duck, Duck, Goose? In this case, it would be Data, Data, Goose. We wonder…

Despite how the evil unfolds, October is Cybersecurity Awareness Month, and 2022 is ripe for a pick-me-up. Let’s talk about cyber stats, what’s going on with premiums, and how this month’s theme should be an everyday thing.

Frightening Cybersecurity Stats to Know 

Did you know that the average ransom demand has recently jumped by 20% to $1.8 million? If that wasn’t scary enough, a new business falls victim to ransomware every 11 seconds. And further still, around 40% of ransomware victims end up paying the ransom. But we’ve got ransomware on our brain. There’s far more to the cybersecurity story than that! 

See how well you fare at our Cybersecurity Stats of 2022 quiz if you’re feeling brave. For now, here are some more frightening cybersecurity stats to know — and we’ve counted them down from shocking to scary:

10. Roughly 65% of companies have more than 500 employees who are never prompted to change their passwords.

9. At any given moment each week, malware infects more than 18 million websites.

8. Around half of all phishing sites now use HTTPS.

7. Email delivers 92% of all malware.

6. A malware attack costs companies an average of $2.4 million per attack.

5. When malware hit businesses this year, it took 34% of them a week or more to regain access to their data. 

4. Of all the organizations who pay the ransom, only 30% ever see all of those dollars again.

3. Nearly 25% of the c-suite is willing to pay at least $20,000 and up to $50,000 to regain access to encrypted data.

2. Downtime due to ransomware costs companies around $8,500 per hour.

1. Businesses spend more than $75 billion each year dealing with ransomware costs.

Interesting Data Quotes and One-Liners

Cybersecurity is undoubtedly a serious topic that we don’t mess around with. However, amid all the risk management talk, it’s nice to give data center stage under a different, less protective light. Here are some nuggets to consider:

  • “There were five exabytes of information created between the dawn of civilization through 2003, but that much information is now created every two days.” – Eric Schmidt, Executive Chairman at Google
  • “No data is clean, but most is useful.” – Dean Abbott, Co-founder and Chief Data Scientist at SmarterHQ
  • “Data is like garbage. You’d better know what you are going to do with it before you collect it.” – Mark Twain
  • “Data analytics is the future, and the future is NOW! Every mouse click, keyboard button press, swipe or tap is used to shape business decisions. Everything is about data these days. Data is information, and information is power.” – Radi, Data Analyst at CENTOGENE
  • “Where there is data smoke, there is business fire.” – Thomas Redman, aka “the Data Doc”

Here’s the Skinny on Cyber Liability

While cybersecurity has been on our radar for years, not only during cybersecurity awareness month, Business Wire reports that cyber threats have increased 81% globally during COVID-19. Small businesses were among the hardest hit, with remote and hybrid work arrangements adding complexities to an already muddied landscape. Hackers and bad actors didn’t wait long before pouncing on anything that appeared slightly vulnerable to attacks.  


Cyber Risk Management Guide

Where Cyber Liability and D&O Meet

Unsurprisingly, directors and officers of all-size companies felt increased pressure to protect their cyber real estate. And for a good reason, too. For example, a shareholder’s suit may hit company leaders incredibly hard if a data breach occurred, thus utilizing D&O insurance for cyber claims. We expect this type of litigation to continue in the future — but let’s examine each policy further:

  • Cyber liability: Cyber liability insurance protects companies from third-party lawsuits relating to electric activities (i.e., phishing scams). Plus, it offers many recovery benefits, supporting data restoration and reimbursement for income lost and payroll spent.
  • D&O: Shareholders, competitors, investors, etc., can sue a company’s directors and officers, putting their personal assets at stake. Directors and officers (D&O) insurance protects these assets from lawsuits alleging leaders of wrongful acts managing the business. 

Customer Success Manager Rachel Jenkins explains the concept in this year’s cyber liability trends report, “We are starting to see more, still limited but increasing, cyber claims bleed into D&O through shareholder litigation as there is an increased fiduciary duty on the C-suite to maintain proper cyber controls through regulation and industry requirements.”

What Companies Do for Cybersecurity Awareness Month 

Amid other holiday activities and preparation, company leaders will also (hopefully) spotlight cybersecurity. Here’s what we see many cyber-aware companies doing:

Renew their commitment to fostering a healthy cybersecurity culture. 

Although directors and officers feel more pressure to protect their company’s digital assets, the buck doesn’t stop there. Employees also carry some responsibility. Nurturing a healthy cybersecurity culture means ongoing employee education, password change reminders, and allowing employees to carry some weight regarding data protection.

Update software and participate in multi-factor authentication.

It’s tough to keep up with software updates, yet, it could be the one link that holds off an attack. It wouldn’t be the first time a cybercriminal targeted a business with outdated software and succeeded, after all. We encourage you to listen to the update prompts from your programs or a trusted IT professional and participate in multi-factor authentication. The more barriers for hackers, the better. 

Adopt a zero-tolerance policy. 

Netflix recently featured an original documentary following a group of cryptocurrency investigators solving a haunting case. Strangely enough, the title is Trust No One: The Hunt for the Crypto King. Adopting a zero-tolerance policy is doing just that: trust no one. Instead of assuming your emails or other platform communications are valid, second guess anything that raises suspicion.

Review cyber liability insurance with a broker. 

Commercial insurance brokers have specific roles: they represent the buyer, examining several insurance solutions to find the most customized fit for your company’s needs. Working with a seasoned broker is vital for your coverage to keep pace with your progress. During cybersecurity awareness month is an excellent time to have a meaningful conversation with your broker. 

Not sure what your commercial insurance broker should be doing? We have the answers here: What’s the Role of a Commercial Insurance Broker?

Develop a disaster recovery plan.

Founder Shield’s General Manager Jonathan Selby said it best, “It’s not if a cyberattack will happen; it’s when.” As a result of these developing vulnerabilities, companies must have a disaster recovery plan. Rebounding isn’t merely recovering digital records. Instead, it often involved reputational mending, notification and monitoring expenses, reimbursement for income lost, etc. Companies must be ready for a comeback. 

What Companies Should Do Every Month

See above. 

No, really — we mean it! With cyber liability and D&O claims overlapping and snowballing into costly litigation, not to mention the recent cybercrime activity, now is the time to prioritize data protection and cybersecurity. Priorities during cybersecurity awareness month should be regular habits. In other words, when it comes to a game of Data, Data, Goose, we work hard to keep you from being the goose.

Understanding the details of what coverage your company needs can be confusing. Founder Shield specializes in knowing the risks your industry faces to make sure you have adequate protection. Feel free to reach out to us, and we’ll walk you through the process of finding the right policy for you.

Related Articles

fintech rules and regulations
April 11 • Risk Management

Fintech Rules: Regulations Finance Leaders Need to Know

Master the fintech rulebook! This post breaks down essential regulations finance leaders must understand to ensure their business operates compliantly in the ever-evolving fintech landscape.

cyber insurance pricing trends 2024
March 13 • Cyber Liability

Cyber Insurance Pricing Trends 2024

Uncertain about cyber insurance costs in 2024? Our article explores pricing trends, expert predictions on rate increases, and strategies to potentially reduce your cyber insurance premium.

cyber liability insurance premiums
March 4 • Cyber Liability

7 “Must Haves” For Cyber Liability Insurance in 2024

With cyber liability insurance premiums rising, business leaders must have the inside scoop to keep costs low. Our partners at Blacksmith InfoSec delve into those tips and tricks.

fintech legal risks
February 29 • Risk Management

7 Legal Issues Every Fintech Should Avoid (and How to Diffuse Them!)

With the emergence of new and disruptive technologies, it’s no surprise that fintech legal risks abound for this innovative industry. Let’s break down these threats and provide solutions that will keep pace with the market.

leverage business insurance
February 27 • Risk Management

How to Leverage Your Business Insurance — 5 Tips

When was the last time you considered how to leverage your business insurance? It’s more than a safety net. In fact, this approach can give you a unique edge. Here’s how.

saas cyberattacks
December 11 • Risk Management

How SaaS Companies Can Avoid New Cyberattacks in 2024

Avoiding SaaS cyberattacks means teaming innovative technologies (like AI) with traditional risk management (like education) to stay ahead of the curve. We can show you how.