featured Corporate /en/research-insights/featured/cyber-risk content
Log in to other products

Login to Market Intelligence Platform

 /


Looking for more?

Request a Demo

You're one step closer to unlocking our suite of comprehensive and robust tools.

Fill out the form so we can connect you to the right person.

If your company has a current subscription with S&P Global Market Intelligence, you can register as a new user for access to the platform(s) covered by your license at Market Intelligence platform or S&P Capital IQ.

  • First Name*
  • Last Name*
  • Business Email *
  • Phone *
  • Company Name *
  • City *
  • We generated a verification code for you

  • Enter verification Code here*

* Required

Thank you for your interest in S&P Global Market Intelligence! We noticed you've identified yourself as a student. Through existing partnerships with academic institutions around the globe, it's likely you already have access to our resources. Please contact your professors, library, or administrative staff to receive your student login.

At this time we are unable to offer free trials or product demonstrations directly to students. If you discover that our solutions are not available to you, we encourage you to advocate at your university for a best-in-class learning experience that will help you long after you've completed your degree. We apologize for any inconvenience this may cause.


Financial Cyber Crime

Cyberattacks rise in pandemic's 'perfect storm' — reminding banks of risks ahead

A rising number of cyberattacks aimed at the financial sector during the coronavirus pandemic has sent a warning to banks to improve their cybersecurity measures to protect themselves against future risks.

Attacks against the financial sector increased 238% globally from the beginning of February to the end of April, according to data by Carbon Black Inc., a unit of VMware Inc. that offers cybersecurity technology to financial institutions.

FinCEN leak is a 'wake-up call' for EU to address financial crime, MEP says

Leaked documents from the U.S. Financial Crimes Enforcement Network showing $2 trillion in suspicious transactions reported by global banks, including some of the largest institutions in Europe, are "a wake-up call" for EU authorities who need to take urgent action, EU parliamentarian Sven Giegold told a press conference.

Read the Full Article

Utilities

Cyber Risk Management For U.S. Municipal Utilities Should Be Routine And Requires Vigilance And Flexibility

S&P Global Ratings believes that cyber risk is an important factor to consider when evaluating credit and has become a key credit focus of risk management for many U.S. municipal utilities.

The threat to organizations and the credit impact could get worse before it gets better with the prevalence of cyber breaches and the growing sophistication of cyber criminals. Municipal water and wastewater utilities must develop cyber defense frameworks to prepare themselves for such incidents to ensure continuity of delivery, maintain clear communication with their customers, and have recovery plans in place.

Cyberattack uncovers shortfalls in natural gas pipeline security

A cyberattack on a natural gas compression facility highlighted longstanding concerns that some pipeline operators are not deploying best practices to foil hackers.

The U.S. Department of Homeland Security revealed the attack on an unnamed pipeline system in a Feb. 18 alert. The attackers gained access to information technology systems, infecting them with ransomware that jumped to operational technology systems, or OT systems, which control industrial systems in factories, plants and infrastructure.

Read the Full Article


Telehealth

Surge in Telehealth Usage Raises New Cyber Risk, Fraud Concerns – Experts

As telehealth usage has skyrocketed during the COVID-19 pandemic, cyberattacks, fraud and abuse have emerged as threats to its future growth. The U.S. Department of Health and Human Services temporarily relaxed regulations in March so that providers could reach out to patients more easily through services such as Apple Inc.'s FaceTime or Skype Inc.'s video conferencing platform.

Key Takeaways:

  • Between the second and third weeks of March, when the pandemic was accelerating in the U.S., searches on the dark web for telehealth company names and key words — like Teladoc Health Inc., Doctor on Demand Inc., Amwell and PlushCare Inc. — climbed 144%.
  • Telehealth companies saw a 117% surge in IP reputation security alerts caused by malware infections from phishing attempts or other cyberattacks, according to the report.
  • Meanwhile, the healthcare industry overall saw a 77% decrease in these same incidents, suggesting steps have been taken to reduce risk.

Insurance Opportunities

Cyber Risk In A New Era: Insurers Can Be Part Of The Solution

The COVID-19 pandemic is forcing almost all organizations to speed up their digital transformation priorities. This rapid transformation will inevitably increase systemic vulnerabilities to cyber attacks, leading S&P Global Ratings to expect the next decade to be the most important period of growth for the cyber insurance market.

Currently, commercial and private cyber insurance premiums total about $5 billion, and Ratings expects this to increase 20%-30% per year on average in the near future. As the market gains critical mass, providers should continue to build out their platforms and product offerings and focus on robust underwriting skills.

With maturation of cryptoasset sector comes demand for insurance

Global insurance brands and experienced hands are venturing into the cryptoasset business to offer coverage with a mix of established commercial products and technology-backed risk management. For cryptoasset companies, the hope is that insurance can provide legitimacy and investor reassurance to an asset class and currency often not well-understood and frequently associated with criminal enterprises.

Read the Full Article

COVID-19 crisis could be 'watershed' for cyber insurance, says Swiss Re exec

The coronavirus crisis could be a "watershed moment" that leads to mass take-up of cyber insurance, according to Swiss Re AG's head of cyber product management.

Read the Full Article

Insurance Risks

Ransomware spike threatening cyber insurers' profitability – Guy Carpenter exec

An increase in ransomware attacks has become an "exposure game changer" and is "materially threatening" the profitability of cyber insurance businesses, according to an executive at reinsurance broker Guy Carpenter & Co. LLC.

Erica Davis, leader of Guy Carpenter's North America cyber center of excellence, told journalists Sept. 10 that the Marsh & McLennan Cos. Inc.-owned reinsurance broker had modeled the cyber industry's loss ratio at 50.3% through 2018 on a premium-weighted average, but ransomware attacks have "ramped up" since then.

Growth of ransomware threat 'unsustainable' for cyber insurance industry

Ransomware attacks soared in the second half of 2019, and industry experts are concerned that the cost to insurers is growing at rates unsustainable for current policies. Businesses and organizations are more often being forced to pay hackers as they target operations that cannot suffer downtime from increasingly sophisticated attacks.

Read the Full Article

Future

SASE, ZTNA and XDR: Three Security Trends Catalyzed by the Impact of 2020

For years, we in information security have been talking about the need to consolidate a very fragmented collection of tools and technologies. Now, with larger trends driving change throughout IT, cybersecurity must adapt as well.

In this report, 451 Research, a part of S&P Global Market Intelligence, takes a summary look at three of these – secure access service edge (SASE), zero trust network access (ZTNA) and XDR (where the 'X' is a placeholder for the intersections of techniques that contribute to threat detection and response, reflected by some through adoption of the term 'eXtended' for the placeholder) – and how the unanticipated events of 2020 are shaping their adoption.

Key Takeaways:

  • SASE: Secure access service edge, or SASE (pronounced 'sassy') is not just one technology. It is a set of capabilities, many of which have long been familiar to the enterprise, made available as a service and accessible in principle from virtually anywhere.
  • ZTNA: Under zero trust network access, or ZTNA, the seeker must present sufficient evidence to make the case for an access decision – 'evidence-based' access control, if you will, rather than access predicated on simply trusting that simplistic conditions are enough.
  • XDR: The shift in network security architecture driven by long-term trends such as IT as a service, as well as near-term factors like COVID-19, is having an impact on yet another trend shaping up in infosec: the bringing together of technologies and practices in threat detection and response.