Resilience Claims Report: As Ransomware Attacks Double In Frequency, New Approach Helps Enterprises Thwart Extortions

Organizations embracing Cyber Resilience more likely to evade extortion payments

SAN FRANCISCO, May 23, 2023 (GLOBE NEWSWIRE) -- Resilience today launched the first edition of its annual Claims Report, illuminating how a new approach to cyber risk is helping to reverse the trend in ransomware attacks. Even as attacks skyrocketed in late 2022 and early 2023, the Claims Report revealed nearly 80% of organizations hit by ransomware recovered data and systems without paying a ransom, a marked improvement from current industry standards.

The cost of cybercrime is expected to reach $10.5 Trillion by 2025, outpacing investment in security and insurance by more than 5X. With only 65% of organizations stating that they plan to increase security spending this year, a new approach to improve cyber resiliency is needed. Resilience’s 2022 Claims Report reveals that by balancing risk acceptance, mitigation, and transfer, organizations are able to significantly strengthen their ability to recover data and maintain business operations in the face of ransomware attacks, without making an extortion payment.

“We founded Resilience because we believed that the current approach to defending the digital ecosystem was inadequate,” said Vishaal “V8” Hariprasad, co-founder and CEO of Resilience. “By bringing together risk, finance, and security roles which previously operated in silos, we can deliver a completely new approach: Cyber Resilience. Our clients’ success in mitigating the threat of ransomware validates this approach and spotlights the opportunity for the digital economy to rethink how they approach risk.”

Key findings of the Claims Report, which examined the full year 2022 through the first quarter of 2023, include:

  • Ransomware notices grew by 33% into Q3 2022 and then doubled in Q4 2022. This rapid growth held consistent in Q1 2023.
  • Among all primary claim notices, phishing is the lead point of failure (23.4% of all claims). Risk from third-party vendors is a close second at 22.1% of all claims.
  • Ransomware (17.8%) was the leading cause of loss for claims. Transfer fraud (17%) vendor data breaches (11.8%), and business email compromise (10.4%) followed.
  • 100% of Resilience Solution clients were able to avoid making an extortion payment in 2022.
  • Resilience clients were half as likely to pay a ransomware extortion, compared to industry averages.

The findings of this analysis shed light on effective strategies to build Cyber Resilience. In one example, an educational institution began working with Resilience following two previous breaches to improve its security posture and qualify for better insurance coverage. Resilience partnered with this educational organization to implement specific security controls and develop an incident response to mitigate future threats. When the organization experienced a phishing incident one month later, the issue was resolved within days. Despite starting with lackluster security controls, Resilience was able to work with this client to restore its reputation and shore up its defenses against cyber attacks.

“The cyber insurance model is broken,” said Mario Vitale, President of Resilience. “It’s stuck in analog, while the digital world is rapidly changing. We’re doing for cybersecurity what insurance companies did for property, auto, and healthcare: pair technology and finance to shape behavior and drive better outcomes. The results are impressive, and we’re just getting started.”

The findings of Resilience’s 2022 Claims Report support the Resilience model of a holistic approach to managing risk. The company recently introduced the Resilience Solution, which builds on this model to empower organizations with a significantly easier and more effective platform for cyber risk quantification, assessment, control, and financing.

To read the 2022 Claims Report, please visit Resilience's website.

About Resilience
Resilience is the next-generation cyber risk company that’s on a mission to help make the world cyber resilient.

Founded in 2016 by experts from across the highest tiers of the US military and intelligence communities, and augmented by prominent leaders and innovators from the insurance and technology industries, the privately-held firm is rewriting the rules of how cyber risk is assessed, measured, and managed for middle to large market enterprises. Rooted in decades of experience, Resilience helps financial, risk, and information security leaders continuously improve their organizations' cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce actionable cyber hygiene.

Resilience is proud to be backed by leading technology investment firms including General Catalyst, Lightspeed Venture Partners, Intact Ventures, Founders Fund, CRV, and Shield Capital. With headquarters in San Francisco, Resilience’s team is globally dispersed, with offices in New York, Chicago, Baltimore, Toronto, and London. Resilience offers insurance coverage through its licensed and appointed insurance agency and security services through its expert security team. 

For more information, visit us at or follow Resilience on LinkedIn and Twitter.

Media Contact: Resilience