External attacks on companies result in the most expensive cyber insurance losses, but employee mistakes and technical problems are the most frequent generator of claims by number, according to a new report from Allianz Global Corporate & Specialty, Managing The Impact Of Increasing Interconnectivity – Trends In Cyber Risk. The study analyzes 1,736 cyber-related insurance claims valued at $770 million involving AGCS and other insurers from 2015 to 2020.
The number of cyber insurance claims AGCS has been notified of has steadily risen over the last few years, up from 77 in 2016, when cyber was a relatively new line of insurance, to 809 in 2019. In 2020, AGCS has already seen 770 claims in the first three quarters. This steady increase in claims has been driven, in part, by the growth of the global cyber insurance market, which is currently estimated to be $7 billion, according to Munich Re.
AGCS started offering cyber insurance in 2013 and, in 2019, generated more than EUR 100 million in gross written premium in this segment. There has been a 70%-plus increase in the average cost of cybercrime to an organization over five years to $13 million and a 60%-plus increase in the average number of security breaches.
Losses resulting from external incidents, such as distributed denial of service (DDoS) attacks or phishing and malware/ransomware campaigns, account for the majority of the value of claims analyzed (85%), according to the report, followed by malicious internal actions (9%) – which are infrequent but can be costly. Accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems and software migration problems or loss of data, account for over half of cyber claims analyzed by number (54%), but, often, the financial impact of these is limited compared with cybercrime. However, losses can quickly escalate in the case of more serious incidents.
The cyber risk environment is not expected to become any easier in the future. Businesses and insurers are facing a number of challenges, such as the prospect of more expensive business interruptions, the rising frequency of ransomware incidents, more costly consequences of larger data breaches given more robust regulation and litigation, and the impact from the playing out of political differences in cyber space through state-sponsored attacks.
The huge rise in remote working due to the coronavirus pandemic is also an issue. Displaced workforces create opportunities for cyber criminals to gain access to networks and sensitive information. Malware and ransomware incidents are already reported to have increased by more than a third since the start of 2020, while coronavirus-themed online scams and phishing campaigns about the pandemic continue. At the same time, the potential impact from human error or technical failure incidents may also be heightened.
While exposures are rising, the COVID-19 outbreak cannot yet be said to be a direct cause of cyber-related claims. AGCS has seen the first few cyber claims that can be indirectly attributed to the COVID-19 landscape, including ransomware attacks that can be linked to the shift to more remote working. However, it’s too early to confirm a broader trend.
See also: The Missing Tool for Cyber Resilience
Ransomware threats surge
Already high in frequency, ransomware incidents are becoming more damaging, increasingly targeting large companies with sophisticated attacks and hefty extortion demands. There were nearly half a million ransomware incidents reported globally last year, costing organizations at least $6.3 billion in ransom demands alone. Total costs associated with dealing with these incidents are estimated to be well in excess of $100 billion.
Business interruption and digital supply chain vulnerability growing
Business interruption (BI) following a cyber incident has become a major concern for business. Analysis of cyber claims by AGCS shows that BI is the main cost driver in the majority of cases. Whether ransomware, human error or a technical fault, the loss of critical systems or data can bring an organization to its knees in today’s digitalized economy.
Dependency on digital supply chains – both for the delivery of services and the supply of goods brings numerous benefits. Shared technology-based platforms enable data to be exchanged between parties, automate administrative tasks and transport products on demand. However, such platforms can potentially create a chain reaction ensuring a BI cascades through a whole sector. If a platform is unavailable due to a technical glitch or cyber event, it could bring large BI losses for multiple companies that all rely and share the same system.
Data breaches and state-sponsored attacks
The cost of dealing with a large data breach is rising as IT systems and cyber events become more complex, and with the growth in cloud and third-party services. Data privacy regulation, which has recently been tightened in many countries, is also a key factor driving cost, as are growing third-party liability and the prospect of class action litigation. So-called mega data breaches (involving more than one million records) are more frequent and expensive, now costing $50 million on average, up 20% over 2019.
In addition, the impact of the increasing involvement of nation states in cyber-attacks is a growing concern. Major events like elections and COVID-19 present significant opportunities. During 2020, Google said it has had to block over 11,000 government-sponsored potential cyber-attacks per quarter. Recent years have seen critical infrastructure, such as ports and terminals and oil and gas installations hit by cyber-attacks and ransomware campaigns.
Prepare, practice and prevent
Preparation and training of employees can significantly reduce the consequences of a cyber event, especially in phishing and business email compromise schemes, which can often involve human error. It can also help mitigate ransomware attacks, although maintaining secure backups can limit damage. Cross-sector exchange and cooperation among companies is also key when it comes to defying highly commercially organized cybercrime, developing joint security standards and improving cyber resilience.
See also: Essential Steps for Cyber Insurance
The COVID-19 landscape brings new challenges. With home-working widespread, security around access and authentication points is critical, but organizations should also ensure there is sufficient network capacity as this can have a significant impact on lost income if there is an outage.
For more key takeaways from the report, please visit this page.