Allianz just released its 10th Risk Barometer highlighting the most important corporate perils for the next 12 months and beyond, based on the insight of 2,769 risk management experts from 92 countries and territories. The following is adapted from that report.
Given the unprecedented disruption caused by the coronavirus outbreak, it is no surprise that business interruption and pandemic outbreak top the 2021 Barometer. Pandemic is the biggest climber this year (up 15 positions), with cyber incidents ranking a close third. All three risks – and many of the others in this year’s top 10 – are interlinked, demonstrating the growing vulnerabilities and uncertainty of our highly globalized and connected world, where actions in one place can spread rapidly to have global effects.
Cyber incidents may have slipped to third position but concern remains high with more respondents picking it as a top peril than in 2020. Cyber crime now costs the global economy over $1trn – more than one per cent of global GDP – up 50% from two years ago. Meanwhile, the threat of business interruption, more severe consequences from data breaches and risks emerging from the acceleration of digitalization post-Covid-19 loom large.
Data breaches and ransomware biggest threats
According to Allianz Risk Barometer respondents, data breaches rank as the cyber exposure companies are most concerned about over the next year, followed by IT vulnerability due to increased remote working and ransomware attacks, which have been increasing in both number and severity. Data breaches already rank as the top cause of cyber incidents for businesses, followed by external events such as ransomware attacks, while employee errors ranks third, reflecting the fact that mistakes and technical problems are the most frequent generator of cyber insurance claims by number, according to AGCS analysis.
Data breaches remain the biggest concern for most companies, particularly those that deal with large amounts of personal data, such as retailers, healthcare providers and banks. Ransomware attacks are an ongoing threat for an increasing number of industries, such as manufacturing and service sectors, and can be a cause of significant business interruption.
Data and privacy costs rise
The consequences of data breaches are increasing, with higher fines and regulatory costs, and growing third party liability. Under the General Data Protection Regulations (GDPR) the number of fines have been growing in Europe – almost 200 were issued by authorities between March 2019 and May 2020 – while jurisdictions around the world have been introducing stricter data laws, most recently California, Canada and Brazil. Increasingly, breaches and regulatory actions are followed by litigation, with a number of group actions now pending in the UK as well as the US.
Ransomware attacks more frequent, larger and damaging
Prevalent forms of ransomware – including Sodinokibi, Maze, Ragnarok and Ryuk – have caused major disruption for manufacturers public sector entities and healthcare providers, shipping companies, utilities, technology and professional services firms recently.
Almost half a million ransomware incidents were reported globally in 2019 and this trend is set to continue. For criminals, it is a very attractive mode of attack – low cost, low risk and very profitable.
Such attacks are also becoming more ambitious. Where hackers once hit small- to mid-size companies, they are now also targeting large companies, where the rewards are highest. A noticeable recent trend has been the added dimension of privacy and hackers’ willingness to exploit brand and reputation. Having encrypted critical or personal identifiable data, cyber criminals threaten to release the data or publicize the breach if demands are not met. Ransomware demands, increased by almost a third between the second and third quarters of 2020, according to incident response firm Coveware, while almost 50% of cases included the threat to release stolen data.
While ransom demands attract the most public attention, the biggest cost driver for ransomware incidents is business interruption and the cost of restoring data and systems.
The total cost of ransomware demands in 2019 was $25bn, but this increased to $170bn when the cost of downtime was included, according to Emsisoft. On average, a ransom incident can result in 16 days downtime.
Mitigating losses
In response to the growing threat, AGCS has stepped up its underwriting focus when needed, for example on ransomware exposures, differentiating between firms that have strong controls and processes in place to mitigate the risk. Regular patching and awareness training can help deter attacks, while maintaining secure backups can significantly reduce losses. A dedicated business continuity plan outlining what a company needs to do in event of an attack to minimize disruption can also help.
Business interruption and “Black Swans”
Awareness of cyber business interruption has been increasing with the number of major outages and ransomware attacks in recent years In this year’s Allianz Risk Barometer, cyber ranks as the second most feared cause of business interruption behind pandemic outbreak.
AGCS analysis of over 1,700 cyber-related insurance claims over the past five years shows that business interruption is the main cost driver behind losses, accounting for around 60% of the value of these claims.
At its most extreme, cyber may also present a systemic or catastrophic risk. A major blackout or cloud outage could have a massive impact, simultaneously affecting companies around the world. Future ‘Black Swan’ events cannot be ruled out. It will be important to identify and prepare for such scenarios quickly before they become true events.
Digitalization and “deepfakes”
The coronavirus pandemic is likely to add to existing cyber concerns, given the increasing reliance on technology and online sales,. Even the arrival of the vaccine has brought another element of risk with recent attacks against approval authority, the European Medicines Agency, as well as labs handling Covid-19 tests.
Acceleration towards greater digitalization was the change caused by the pandemic that Allianz Risk Barometer respondents believe will most impact their company, followed by more remote working.
The shift to remote working during the early stages of the lockdown was accompanied by a reduction in cyber security – some firms turned off multifactor authentication – while employees working from home are more susceptible to phishing attacks. Through 2020, malware and ransomware incidents increased by more than a third, at the same time as a 50%+ increase in phishing, scams, and fraud, according to INTERPOL.
Many months later, companies should now have the right processes and protections in place to enable safer remote working. However, there is a risk that companies will reduce IT budgets and security spend if the pandemic subsides and people return to offices, meaning vulnerabilities could re-emerge.
Cyber risk was once seen only as an issue for computers and software, but with the acceleration of digitalization it is increasingly expanding to include everything from cars to factories to smart devices in our homes.