Learn more about the Florida Dental Association. 

Beyond the Bite

The Official Blog of the Florida Dental Association

Eye-Opening Lessons from the Coalition Cyber Convention: Why Prevention Is the New Power Play

Florida Dental Association's avatar by Leave a comment

By Carrie Millar
FDAS Director of Insurance Operations

In April, I had the opportunity to attend the Coalition Insurance Cyber Convention Active, and it was one of the most eye-opening cyber events I have attended. Coalition did something bold.

They started as a technology company focused on cybersecurity and then chose to sell insurance. Their model brings insurance into the cyber experience, embedding proactive protection directly into business operations.

One of Coalition’s most significant innovations is its proprietary scanning technology. Their system scans an insureds’ networks and systems in near real-time to detect existing vulnerabilities and potential threats.

The platform alerts the business to any critical or severe technology exposures, offering a rare opportunity to address the issue before hackers gain access. Unlike traditional insurers who react after a breach, Coalition is actively working to prevent breaches before they happen.

Their commitment to cyber research is profound. Coalition operates honey pots to attract threat actors and continuously scans the dark web to identify what cybercriminals are working on. Their insights give them and their policyholders a head start against emerging threats.

Emerging Threats: Business Email Compromise and Funds Transfer Fraud

One of the biggest concerns in cybersecurity today is Business Email Compromise (BEC). It is now the leading cause of cyber claims and often leads to funds transfer fraud. Key statistics shared at the event:

  • $35,000 is the average loss from a BEC event.
  • $103,000 is the average loss from a funds transfer fraud event.

One compelling real-world example of Coalition’s system involves Change Healthcare. In 2023, Change Healthcare came to Coalition to request a cyber insurance bid. Coalition ran a scan and identified a Citrix system exposed to the internet without multi-factor authentication. Coalition offered a quote with a contingency that the vulnerability would be closed immediately. Change Healthcare declined both the insurance and the recommendation.

In February 2024, Change Healthcare suffered one of the most significant cyberattacks in history, with damages exceeding $190 million. It is a stark reminder that prevention is the real insurance. In 2024 alone, Coalition stopped more than 614 threats before they could turn into claims.

New Tools for Prevention: Cyber Training for Employees

Recognizing that people are often the weakest link, Coalition now offers employee cyber training add-ons as part of their policies. For $300 per year for 10 employees, policyholders can access:

  • Phishing simulations
  • Targeted cybersecurity training
  • Compliance assistance

It is a small investment that can prevent massive losses.

What Every Dental Practice Should Be Doing

Cyberattacks do not just happen to large corporations. Dental practices are increasingly being targeted because they handle high-value patient data and often lack robust security measures.

Here are the steps we strongly recommend:

  • Have a written incident response plan: Review it annually with your team.
  • Print a copy of your cyber insurance policy: Keep it accessible in case your network is down.
  • Train staff: Teach employees to report suspicious clicks immediately.
  • Password management: Change passwords regularly and make them complex.
  • Backups: Know how to access backups of daily schedules and critical files.
  • Vendor communication plan: Pre-identify key contacts like your bank, insurance claims team and IT provider.
  • Messaging control: Instruct employees not to speak to the media and have a clear script ready for informing patients if needed.

At FDA Services (FDAS), we believe cybersecurity success relies on three pillars:

  • Strong IT support
  • HIPAA compliance
  • Comprehensive cyber insurance

How Much Cyber Insurance Do You Need?

Your cyber insurance limits should be at least double your monthly revenue. Ransomware attacks can cripple your cash flow for weeks or months, and the damages often exceed the loss of revenue alone.

When a breach happens, speed matters. Coalition’s average response time after an incident is just 5 minutes, a major advantage when the first 72 hours are critical for recovering stolen funds.

In fact:

  • Coalition successfully negotiates ransomware payments down 60% of the time.
  • Coalition only pays the ransom 44% of the time, with most incidents resolved through negotiation or technical remediation.
  • The average ransom demand for Coalition policyholders in 2024 was around $1.1 million, making professional negotiation essential.

FDAS is happy to review your current coverage, provide a cyber risk scan and help ensure you have the proper protection in place to keep your practice secure. If you are interested in getting a proposal for Coalition cyber insurance visit fdaservices.com contact or call/text FDAS at 850.681.2996.

Carrie Millar, FDA Services Director of Insurance Operations, can be reached at 850.681.2996 or cmillar@fdaservices.com.

Leave a comment