Tag Archive | ransomware
June 10, 2025  

Cybercriminals Are Targeting Small Businesses – Is Yours Next

Your Business Is Being Targeted—Even If You Don’t Realize It

It’s not just big corporations making headlines anymore. Small and midsize businesses are now prime targets for cybercriminals—and the numbers don’t lie.

Ransomware remains the most disruptive threat in today’s digital world. The newly released Cyber Threat Index 2025 from Coalition reveals how these attacks are happening. It shows why it’s time to take this risk seriously.

Startling Realities from the Report:

  • 58% of ransomware attacks in 2024 began with a breach of VPNs or firewalls
  • 18% involved remote desktop tools
  • 47% began with stolen or guessed login credentials
  • Email phishing and unpatched software rounded out the top attack methods

What This Means for Your Business

Think about the systems your team uses every day—remote logins, email, cloud apps. Now imagine they’re all frozen… encrypted by criminals demanding a six-figure ransom just to give you back control.

It’s not science fiction. It’s happening to businesses just like yours—some of them never recover.

The worst part? Most attacks succeed not because the defenses are complex, but because they’re familiar. Cybercriminals keep reusing the same tactics because they still work.

And while enterprise-level companies have IT teams monitoring for threats around the clock, many small and midsize businesses don’t. That’s where cyber insurance becomes more than a policy—it becomes a lifeline.

How Cyber Insurance Protects You:

A robust cyber insurance policy can help cover:

  • Ransom payments (where legal)
  • Digital forensics and IT recovery
  • Business interruption and income loss
  • Data restoration and rebuilding
  • Regulatory fines and legal defense
  • Customer notifications and credit monitoring

4 Things You Can Do Right Now:

  1. Harden remote access tools – Use multi-factor authentication (MFA) across VPNs and remote desktops
  2. Educate your team – A well-timed click on a phishing email can cost your business everything
  3. Patch and update software – Vulnerabilities in outdated tools are low-hanging fruit for attackers
  4. Review your cyber insurance – Your policy should reflect your current systems and risks

Final Thought:

Cybercriminals aren’t getting more creative—they’re just getting more persistent. And far too many businesses are still unprepared.

The good news? Cyber insurance remains one of the most affordable forms of protection available. This is especially true when compared to skyrocketing premiums you see in property or commercial auto.

If you’re not sure whether your coverage is enough, let’s have a conversation. Or if you don’t have cyber protection in place at all, let’s talk.

It could be the most important step you take for your business this year.

-JK

November 4, 2024  

POV: The Incredible Anxiety of a Cyber Attack

As someone who helps businesses with the placement of their insurance policies and with risk management advice, this video from Travelers Insurance hits powerfully when I watch it.

I’ve experienced this exact situation first-hand at least several times. A client calls in terror because their computer network was breached. They are either shut down to a point where not a single employee can get on the network to function. Alternatively, a hacker breaches their network and steals hundreds of thousands of dollars from their accounts.

The incredible fear and anxiety it creates is off the charts. This video is a true personification of this very circumstance.

My biggest piece of advice is please don’t think that your business is invincible to these types of circumstances. This CAN happen to any business, large or small.

The most crucial step a business can take to avoid a cyber attack is to establish a robust cyber security culture. This culture should include consistent employee training. Educate all team members on cyber hygiene practices. Teach them to recognize phishing emails. Encourage them to use strong, unique passwords. Additionally, ensure they secure their devices. Human error is one of the leading causes of data breaches. Employees who are aware of and actively follow security best practices can significantly reduce the risk of an attack.

Whether you have an internal IT team managing your computer network, or utilize a MSP (Managed Service Provider), ensure they have the proper protocols in place. These protocols should mitigate breaches within your computer network.

Also, don’t overlook a cyber insurance policy. It can help manage the costs of a cyber attack with both “1st Party Coverage.” This coverage focuses on your own losses and expenses directly resulting from a cyber incident. It also includes “3rd Party Coverage” to focus on liability to third parties affected by the cyber incident. This includes legal and regulatory costs.

The cyber insurance market is competitive as of the date of this post. This means rates are low for the coverage offered. Underwriting is also relatively soft. It’s not difficult to secure a robust policy with a low annual premium.

If you have questions about the above, reach out today. You might want to know about a recommended MSP (Managed Service Provider) for your business. Or you may have questions about the cost and terms of a cyber insurance policy.

-JK

May 24, 2023  

Top 9 Industries Vulnerable to Ransomware Attacks

Some industries are more vulnerable to ransomware attacks than others, both because of inherent vulnerabilities in some industries and because hackers historically have targeted these industries more often.

Looking at it from a top-down risk perspective, the industries subject to ransomware attacks the most in 2021 according to BlackFog (in descending order) were:

  1. Government
  2. Education
  3. Healthcare
  4. Technology
  5. Services
  6. Manufacturing
  7. Retail
  8. Utility
  9. Finance

This list can give a general idea of where your business or industry may fall for big-picture risk.

Ransomware is a type of malicious software (malware) designed to encrypt files on a victim’s computer or network, making them inaccessible and unusable. The attackers behind ransomware demand a ransom, typically in the form of cryptocurrency, in exchange for providing the decryption key to restore the files.

Ransomware attacks can have severe consequences for businesses, and organizations. They can result in data loss, financial losses, operational disruptions, reputational damage, and legal implications.

It is crucial to have strong cybersecurity measures in place, including regular data backups, up-to-date software, strong passwords, and security awareness training, to help prevent and mitigate the impact of ransomware attacks.

If you are looking for a reputable cybersecurity company, outsourced IT provider, or cyber insurance options, contact me and I can connect you with local trusted providers to help your business to help prevent ransomware losses from affecting your daily business operations.

Sources: “The State of Ransomware in 2021” BlackFog; Risk Placement Services, Inc

January 16, 2023  

Is the Cyber Insurance Market Stabilizing?

I just wrapped up a sizable Cyber insurance policy renewal and based on the results of our marketing efforts, I think it’s a good indication that the market is beginning to stabilize.

The cyber insurance market has been in a hard market for the past several years.

This particular cyber insurance renewal is for a middle market company that works with Fortune 500 companies. They’re required to carry $50,000,000 in coverage by contract.

The insured’s services are viewed as a higher risk for the cyber market. It is a technology-based business that holds a lot of third-party sensitive data. They do about $75M – $80M in annual revenues. Cyber liability and data breach are definitely their primary risk exposures.

This policy renewal took 10 carriers to quota share the risk and the year-over-year premium is down in 2023 by 4-5%.

I had a feeling the renewal premium wouldn’t spike as hard as it did last year, but I was pleasantly surprised there was actually a slight DECREASE for this renewal.

The cyber insurance market is a lot like the mortgage industry prior to 2008.

Up until a few years ago, you could buy cyber insurance by providing very little information and carriers practically gave away quotes. And not very expensive ones relative to the risk.

Then hackers decimated the cyber insurance market with ransomware and social engineering attacks. Millions upon millions of claims dollars were being paid by carriers as a result.

Underwriting ultimately tightened and those looking to secure cyber insurance coverage must now show preventative measures are in place for their organizations such as data encryption, multi-factor authentication (MFA), data backups, etc.

Underwriters won’t even think twice about insuring a business if these types of measures are not in place.

Cyber insurance pricing and trends vary by company. However, in this particular case where we have a sizable middle market company with above-average cyber risk, a decrease in premium this year is a positive sign.

Let’s hope the cyber insurance market continues trending in this direction.

Each and every company/policyholder will see different outcomes with their cyber coverage and rates based on their own unique makeup. However, if you can show that your organization takes preventative measures to help mitigate cyber risk up front, you’re in a favorable spot.

-JK