📊 Our 2025 Cyber Claims Report is out now!
Skip To Main Content
Cyber Incident? Get Help
Blog homeCyber InsuranceSecurityExecutive RisksBroker EducationLife at Coalition

July Risk Roundup: Ransomware, ransomware everywhere — mitigations required

Person > Ross Warren
Ross WarrenJuly 30, 2021
Share:
Featured Image for July Risk Roundup: Ransomware, ransomware everywhere — mitigations required

It’s no secret that ransomware is one of, if not the, defining cyber risk of our time. As a result, everyone is searching for the right combination of mitigations to prevent a ransomware event from striking their organization. But there are other lingering questions: should companies be allowed to impose secrecy on their clients, what additional risks come from insurance companies being hacked, and what easy remediations can help mitigate your organization’s risk?

1. Kaseya said it obtained a REvil decryptor from "trusted third party"

All indications are that Kaseya obtained a key from a third party without paying a ransom — which is great. However, the NDA that they are requiring clients to sign is confusing the issue by reducing transparency.

Kaseya said it obtained a REvil decryptor from "trusted third party"

View tweet here

2. Analysts affirm CNA ratings as insurer continues probe of cyber attack

A company that was locked down entirely for three weeks poses a serious risk to both their balance sheets and their insured entities. Bad actors routinely look for insurance policies to set ransom payment targets for their victims. Having this information gives them an immediate advantage.

Analysts affirm CNA ratings as insurer continues probe of cyber attack

View tweet here

3. Beazley reports progress on cyber re-underwriting strategy

Simply protecting your own balance sheet does not solve the scenario we are in. If insurance companies are not also proactively pushing their insureds to become better cyber risks, the market as a whole will suffer.

 Beazley reports progress on cyber re-underwriting strategy

View article here

4. Hackers exploit Microsoft browser bug to deploy VBA malware on targeted PCs

This article highlights the importance of underwriting and understanding your exposure to business email compromise. Although no one can fully prevent breaches, there are simple risk management best practices that can help reduce risk, such as quarterly phishing training, disabling Microsoft Office macros, and visually labelling messages from external senders to provide employees additional indication of potentially suspicious messages.

 Hackers exploit Microsoft browser bug to deploy VBA malware on targeted PCs

View tweet here

5. Top routinely exploited vulnerabilities of 2020 & 2021

Shiny objects and new vulnerabilities merit attention, but we’re seeing breaches related to old, less sexy stuff that people have forgotten about. –  Aaron Kraus, Security Engagement Manager

 Top routinely exploited vulnerabilities of 2020 & 2021

View tweet here If you enjoyed this post be sure to check our blog weekly; the Risk Roundup runs Friday mornings in addition to more enlightening content we post related to the ever-evolving landscape of digital risk. Follow us on Twitter (@SolveCyberRisk) and LinkedIn (Coalition Inc). If you have any suggestions for content that we should be adding to our reading list, let us know!

Related blog posts

See all articles
Security

Blog

Why Every SMB Should Shrink Its Attack Surface

Shrinking your attack surface can eliminate vulnerabilities and exposures that contribute to your business' overall cyber risk profile.
Alok OjhaMay 01, 2025
Security
Security