About Us Our Admitted Products Our E&S Products COVID Update

Cyber risks explained

Cyber risks explained

Understand the threats that cyber insurance safeguards against

Cyberattacks are a daily event that cost companies millions. The FBI reported a 400% jump in cyberattacks at the onset of the pandemic. And with companies increasingly going remote and processing more online transactions, the figures keep rising. Understanding the kinds of risks your business customers are exposed to lets you have conversations about how they can protect their assets in these times of great change and unpredictability.

The rapid increase in remote workforces and online sales has put millions of businesses at risk of security breaches. Since most professional liability policies don’t cover cyberrisk, your opportunity to sell cyber insurance coverage to customers is big. And it’s not just large companies that experience breaches ― 43% of attacks target small businesses. Here are the main kinds of cyber threats your customers and prospects face ― knowing them makes you a better risk management partner.

Cloud breaches

Cloud-based attacks jumped 630% in the first 4 months of 2020, as the pandemic required companies to put their data in the cloud to support at-home workers. Cloud breaches usually take the form of distributed denial of services (DDoS) and account hijacking, in which hackers access and tamper with company data and at the same time prevent staff from accessing the data. This costs companies time and money ― and also compromises their reputations.

Outdated software vulnerabilities

Cybercriminals target software vulnerabilities to access and steal information like employee personal identification numbers and passwords, and customer bank and credit card information. Companies that don’t do continual patch management ― that is, apply software patches to keep systems healthy and secure ― run a much greater risk of attack. Continual updates can be costly and resource consuming for companies, so this is a common vulnerability that hackers exploit.

Social engineering attacks

Phishing and other kinds of social engineering attacks happen when hackers masquerade as institutions to elicit sensitive information or data. A cyberattacker may send out an email to customers of a company, using the company’s logo or digital signature to authenticate the communication. Responses by customers may give hackers access to company systems, which compromises both company and customer data.

Ransomware threats

Ransomware is a multi-million-dollar cybercrime operation that hits every kind of organization. There were more than 304 million ransomware attacks reported in 2020 ― that’s up 62% from 2019. A ransomware attack happens when a cybercriminal uses malicious software to access and then encrypt files until a ransom is paid. Once the ransom is paid, the hacker sends a decryption key, which may or may not return control of the data.

Third-party exposure threats

Companies of all sizes use third-party services for a variety of core functions, including payment processing. Hackers are well aware of the weak links exposed by third-party transactions and often use malware to access personal data, like credit card numbers and Social Security numbers. Such attacks result in significant losses for companies.

Companies can certainly take measures to minimize cyberrisk, like, for example, automating software updates, training staff to identify potential risks or implementing extensive cyberrisk prevention plans, but all these measures can be costly, and even companies that do get in front of most kinds of attacks still face vulnerabilities.


MacNeill Group® offers competitive options for this crucial line of business. It’s simple to get an online quote for stand-alone policies or as additional protection for your Professional Liability, General Liability or Error & Omissions policies.

To get a quote, log in to the MOUS® rater, select Quick Quotes and click Cyber Risk Quote.


Back to Newsletter     < Previous Article     Next Article >