A recent study singles out cybercrime as the insured peril that causes the most severe cyber insurance losses while internal failures are the most frequent cause of cyber insurance claims. Allianz Global Corporate & Specialty (AGCS) has published a report titled ‘Managing the Impact of Increasing Interconnectivity: Trends in Cyber Risk’ in which it analyses 1 736 cyber-related insurance claims settled by various insurers between 2015 and 2020. Pay-outs from these claims totalled US$770 million. AGCS found that external cyberattacks resulted in the most expensive cyber insurance losses while the leading contributor to a claim event was employee mistakes or technical problems.

The need for cyber security

“Losses from incidents such as distributed denial of service (DDoS) attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today; but although cybercrime generates the headlines, everyday systems failures, IT outages and human error incidents can also cause problems for companies, even if their financial impact is not, on average as severe,” said Catharina Richter, Global Head of the Allianz Cyber Centre of Competence, which is embedded into AGCS. The insurer urged employers and employees to work together to raise awareness about cyber security and increase their collective cyber resilience.

AGCS has seen a steady rise in cyber insurance claims. The insurer received 77 claims notifications in 2016, when cyber was a relatively new line of insurance, rising to 809 in 2019. It would appear 2020 will be another record year, with 770 claims received in the first three quarters. The steady rise in number of claims has been driven, in part, by the growth of the global cyber insurance market, which is currently estimated to be worth US$7 billion per annum, according to global reinsurer Munich Re. AGCS generated more than €100 million in gross written premium from this insurance class in 2019. Insurers are concerned about growth in both the frequency and severity of cybercrime events, with the average cost to an organisation surging 70% over the five years, to US$13 million, and the average number of security breaches up 60% over the same period.

Big ticket items on a cyber claim sheet

A staggering 85% of claims paid result from external cyber incidents such as DDoS attacks, phishing scams and malware or ransomware campaigns. Malicious internal actions, which are infrequent but costly, account for 9% of claims paid. The report noted that accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems and software migration problems or loss of data, account for over half of cyber claims, analysed by numbers; but in most cases the financial impact of these is limited. It turns out that business interruption is the main cost driver behind cyber losses, accounting for 60% of the claims assessed in the report. The second highest cost is incurred in responding to data breaches.

The claims experience through the first three quarters of 2020 confirms that remote working arrangements, put in place in response to pandemic and lockdown, are becoming an issue. A displaced workforce creates new opportunities for cyber criminals to gain access to networks and sensitive information. Malware and ransomware incidents are already reported to have increased by more than a third since the start of the year, while coronavirus-themed online scams and phishing campaigns about the pandemic continue. It should be noted that while exposures are rising, the COVID-19 outbreak cannot yet be said to be a direct cause of cyber-related claims.

Ransomware risks are inflating

AGCS reports that ransomware incidents are becoming more damaging, increasingly targeting large companies with sophisticated attacks and hefty extortion demands. There were nearly half a million ransomware incidents reported globally in 2019, costing organisations at least US$6.3 billion in ransom demands alone. Total costs associated with dealing with these incidents are estimated to be well in excess of US$100 billion. “High-end hacking tools are more widely available, driven by the growing ‘commercialisation’ of cyber-hacks; criminals are selling malware to other attackers who then target businesses demanding ransom payments,” says Marek Stanislawski, Global Cyber Underwriting Lead at AGCS.

Extortion demands are just one part of the picture. Business interruption can bring the most severe losses, with downtimes becoming longer, while systems and data restoration costs can quickly escalate. Experts warn that the loss of critical systems or data can bring organisations to their knees in today’s digitalised economy. The inability to access data for an extended period of time can have a significant impact on revenues. If an online platform is unavailable due to a technical glitch or cyber event, it could bring large losses for companies that rely on it, particularly given today’s increasing reliance on online sales or digital supply chains. 

Prevention is better than cure

Prevention remains the best defence against cyberattack. According to the report, preparation and training of employees can significantly reduce the consequences of cyber events, especially in the early identification and avoidance of phishing and business email compromise schemes. Employee awareness can also help mitigate ransomware attacks, although maintaining secure data backups are imperative to limit damage. Cross-sector exchanges and cooperation among companies, such as what has been established by the Charter of Trust, will also help when it comes to warding off commercially-organised cybercrime, developing joint security standards and improving cyber resilience.

The cyber risk environment is not expected to become any easier in future, the report notes. Businesses and insurers are facing a number of challenges such as the prospect of more expensive business interruptions, the rising frequency of ransomware incidents, more costly consequences of larger data breaches as well as the impact from the playing out of political differences in cyber space through state-sponsored attacks.

Article credit https://www.fanews.co.za/article/short-term-insurance/15/commercial/1006

Lessons from five years of cyber liability claims