TechRepublic reports that one in five of the leading 99 insurance carriers were highly vulnerable to ransomware attacks, with 82% susceptible to phishing attacks. Software supply chain attacks have also spiked by 300% over the past year, according to a report from Black Kite. "The sheer amount of data generated in the insurance industry makes the effort more worthwhile to cybercriminals. Insurance companies tend to be larger organizations that can’t afford downtime," said Black Kite Senior Vice President and Cyber Risk Evangelist Jeffrey Wheatman. The report also revealed that insurance companies paid an average ransom of $130,000, with the highest ransom topping at $40 million. Ransomware and supply chain attacks were among the three top-most security concerns among all insurance underwriters, the report showed. Black Kite noted that insurers could avert cyberattacks by conducting continuous risk portfolio reviews and automating the underwriting process. "Organizations that have more risk exposure and less effective risk management programs are more likely to fall victim to cybercriminals who prefer the ‘let’s throw something against the wall and see what sticks’ attack attempts. For organizations that rely on insurers directly or indirectly, it is crucial to understand in real-time where the third-party exposures are and communicate the business impact before it becomes a problem," Wheatman added.