5 things to know about cyber resilience and SpearTip

With the cost of cyberattacks projected to increase to nearly $24 trillion by 2027, up from close to $8.5 trillion in 2022¹, it is more important than ever that companies take the proper steps to evaluate their cyber resilience capabilities, so they are well positioned to anticipate, prevent and respond to cyber threats like phishing attempts, malware and ransomware attacks.

In response to this rapidly changing risk landscape, Zurich Resilience Solutions (ZRS) acquired SpearTip, a cyber security firm, in 2023, to offer added value to its insurance customers. SpearTip specializes in providing cyber risk mitigation services that can fill critical gaps for midsize businesses that may not have an in-house risk manager or extensive cybersecurity team on staff.

In recognition of cybersecurity month and the one-year anniversary of SpearTip becoming a ZRS company, here are five insights shared during a tour of SpearTip’s 24/7 Security Operations Center (SOC) in St. Louis.

Phishing is the most common—and effective—hacking method used by threat actors

A threat actor (also known as a bad actor, malicious actor or cybercriminal) will send countless phishing emails in the hope that just one person will click on a link, which could result in download of malware or ransomware that exploits weaknesses in a business’ cybersecurity defenses and opens the door for a cyber breach. Once inside a system, a threat actor is free to search any accessible files, including cloud files, to find something of value. In one example of a successful phishing attempt, a semi-retired employee of a law firm clicked on a link within a phishing email and provided his credentials, which allowed a threat actor full access to the firm’s system. While there, the threat actor was able to access — and change — bank routing and account information, resulting in the firm wiring $2 million to a bank in Mexico and not the originally intended recipient. The money was unrecoverable, and the company was out $2 million.

SpearTip’s Security Operations Center (SOC) never sleeps

That may be a bit of an exaggeration, but it is true that SpearTip’s SOC never closes. SpearTip’s SOC team monitors the IT environments of the clients in real time.  The SOC differentiates SpearTip from other cyber security companies, which typically rely on AI and an automated detection notification system to alert customers of potentially malicious activity. In the SOC, a live person is immediately notified of unusual activity within a client’s system and can take immediate action, which is critically important for an effective response. In one case, the CEO of a company learned his company’s system had been infected with ransomware and began calling cyber security companies — at 2 a.m. — where he reached recorded greetings. His third call was to SpearTip’s Breach Response Hotline, where a member of the SOC answered his call and immediately put a response plan into motion.

The best defense against cybercrime is (still) human intelligence

Many cyber security companies rely solely on AI to detect unusual activity within their client’s systems, issuing an automated alert email to a client, where it may sit in a mailbox and not immediately be seen, or worse, end up in a spam folder. Any delay in a response increases the likelihood that a cyber incident will result in the loss of data, money or even a company’s reputation. By responding more quickly, SOC team members are even able to see a hacking attempt in progress before quickly shutting it down.

Do not make it easy for a threat actor

Whether a threat actor is state-sponsored or one person (referred to as a “lone wolf” in cyber parlance), their goal is the same: to get past existing cyber defenses and commit a crime, so it is important that a company’s employees practice cyber hygiene by following some important guidelines:

• Never share passwords, even with a close associate.
• Never leave papers out on a desk, even if just stepping away for a minute.
• Do not store passwords on the computer (in one instance, a hacker was able to access a SharePoint system and find an Excel spreadsheet full of passwords, enabling millions of dollars in theft).
• Take the time to select a password more creative than a spouse’s or child’s birthday or name.
• Use a password generating app. Complete all required cyber training.

ZRS’ cyber solutions will continue to evolve

Building on the strategic expertise provided by SpearTip, ZRS’ cyber capabilities got a boost when Zurich Insurance Group led Series C investment of $60 million in Cowbell, a leading provider of cyber insurance for small and medium-sized enterprises (SMEs), strengthening the existing portfolio of cyber risk management services. Cowbell uses a data-centric approach to risk management, provides continuous risk assessments, actively monitors threats and has strong underwriting experience. All these services are centered on a highly advanced digital platform designed to boost cyber resilience for customers, which is aligned with SpearTip’s strategy.

As technology continues to advance and the risk landscape becomes more complex, ZRS’ ability to support businesses and offer comprehensive risk solutions will also continue to evolve and grow, which is good for customers.

For more cyber resources, visit Zurich’s 2024 Cybersecurity Awareness Month resource page.

¹ Marsh McLennan and Zurich Insurance Group (2024). Closing the cyber risk protection gap.
https://www.zurich.com/knowledge/topics/digital-data-and-cyber/the-great-cyber-security-challenge