Data breaches undoubtedly cost organizations massive losses, not only financially but also in reputation. However, the latest report by Allianz Global Corporate & Specialty (AGCS), titled “Managing The Impact Of Increasing Interconnectivity — Trends In Cyber Risk”, found that employees’ mistakes largely cause these attacks.
“Losses from incidents such as distributed denial of service (DDoS) attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today,” said Catharina Richter, global head of the Allianz Cyber Center of Competence, which is embedded into AGCS.
The study analyzes 1,736 cyber-related insurance claims worth EUR 660mn (US$ 770mn) involving AGCS and other insurers from 2015 to 2020.
“But although cybercrime generates the headlines, everyday systems failures, IT outages and human error incidents can also cause problems for companies, even if their financial impact is not, on average, as severe. Employers and employees must work together to raise awareness and increase cyber resilience,” Richter said.
The number of cyber insurance claims AGCS has been notified of has steadily risen over the last few years, up from 77 in 2016, when cyber was a relatively new line of insurance, to 809 in 2019. In 2020, AGCS has already seen 770 claims in the first three quarters. This steady increase in claims has been driven, in part, by the growth of the global cyber insurance market, which is currently estimated to be worth $7 billion, according to Munich Re.
AGCS SE is a global corporate insurance carrier and a key business unit of Allianz Group. It provides risk consultancy, Property-Casualty insurance solutions, and alternative risk transfer for a wide spectrum of commercial, corporate, and specialty risks across 10 dedicated lines of business.
AGCS started offering cyber insurance in 2013. In 2019, it generated more than 100 million euros in gross written premium in this segment. At the same time, the report also highlights that there has been an increase of over 70% in the average cost of cybercrime to an organization over five years, to $13 million, and a more than 60% increase in the average number of security breaches.
Losses resulting from external incidents, such as DDoS attacks or phishing and malware or ransomware campaigns, account for the majority of the value of claims analyzed (85%), according to the report, followed by malicious internal actions (9%), which are infrequent but can be costly. Accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems and software migration problems, or loss of data, account for over half of cyber claims analyzed by number (54%), but the financial impact of these is limited compared with cybercrime. However, losses can quickly escalate in the case of more serious incidents.
Business interruption is the main cost driver behind cyber losses, accounting for around 60% of the value of all claims analyzed in the report, followed by costs involved with dealing with data breaches.
The cyber risk environment is not expected to become any easier in the future, the report noted. Businesses and insurers are facing a number of challenges, such as the prospect of more expensive business interruptions, the rising frequency of ransomware incidents, more costly consequences of larger data breaches given more robust regulation and litigation, and the impact of political differences playing out in cyberspace through state-sponsored attacks.
The cost of dealing with a large data breach is rising as IT systems and cyber events become more complex and as cloud and third-party services grow. Data privacy regulation, which has recently been tightened in many countries, is also a key factor driving cost, as is growing third-party liability and the prospect of class action litigation. So-called mega data breaches (involving more than one million records) are more frequent and expensive, now costing $50 million on average, up 20% over 2019.
In addition, the impact of the increasing involvement of nation-states in cyber-attacks is a growing concern. Major events like elections and COVID-19 present significant opportunities for such attacks. In 2020, Google said it has had to block over 11,000 government-sponsored potential cyberattacks per quarter. Recent years have seen critical infrastructure, such as ports and terminals and oil and gas installations, hit by cyber-attacks and ransomware campaigns.