November 24, 2020 by Jason Contant
External attacks on companies result in the most expensive cyber insurance losses, but internal failures like employee mistakes and technical problems are the most frequent generator of claims by number (albeit with a lower financial impact), a new report says.
Allianz Global Corporate & Specialty (AGCS) analyzed more than 1,700 cyber claims worth US$770 million involving AGCS and other insurers from 2015 to 2020. Released last week, the report, Managing The Impact of Increasing Interconnectivity: Trends In Cyber Risk, found that losses resulting from external incidents, such as DDoS attacks or phishing and malware/ransomware campaigns, account for the majority (85%) of the value of claims analyzed. This is followed by malicious internal actions (9%), which are infrequent but can be costly.
Business interruption (BI) is the main cost driver of claims, followed by costs involved with dealing with data breaches. “Inability to access data or services can have a significant impact on revenues, given growing reliance on online sales.”
The report also highlighted a 70%+ increase in the average cost of cybercrime to an organization over five years to US$13 million and a 60%+ increase in the average number of security breaches.
“Losses from incidents such as distributed denial of service (DDoS) attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today,” said Catharina Richter, global head of the Allianz Cyber Center of Competence, which is part of AGCS. “But although cybercrime generates the headlines, everyday systems failures, IT outages and human error incidents can also cause problems for companies, even if their financial impact is not, on average, as severe. Employers and employees must work together to raise awareness and increase cyber resilience.”
Accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems and software migration problems or loss of data, account for over half of cyber claims analyzed by number (54%). While the financial impact of these is limited compared with cybercrime, losses can quickly escalate in the case of more serious incidents, AGCS warned.
The number of cyber insurance claims AGCS has been notified of has steadily increased over the last few years, up from 77 in 2016, when cyber was a relatively new line of insurance, to 809 in 2018. In 2020, AGCS has already seen 770 claims in the first three quarters. (This steady increase in claims has been driven, in part, by the growth of the global cyber insurance market, currently estimated by Munich Re to be worth $7 billion.)
Other highlights of the survey:
Already high in frequency, ransomware incidents are becoming more damaging, increasingly targeting large companies with sophisticated attacks and hefty extortion demands. There were nearly half a million ransomware incidents reported globally last year, costing organizations at least $6.3 billion in ransom demands alone, AGCS reported.
“The inability to access data for an extended period of time can have a significant impact on revenues — for example, if a company is unable to take orders,” said Joerg Ahrens, global head of long-tail claims at AGCS. “Similarly, if an online platform is unavailable due to a technical glitch or cyber event, it could bring large losses for companies that rely on it, particularly given today’s increasing reliance on online sales or digital supply chains.”
Data privacy regulation, which has recently been tightened in many countries (Canada included), is a key factor driving cost, as is growing third-party liability and the prospect of class action litigation. So-called mega data breaches (involving more than one million records) are more frequent and expensive, now costing $50 million on average, up 20% from 2019.
The increasing involvement of nation states in cyberattacks is a growing concern. Recent years have seen critical infrastructure, such as ports and terminals and oil and gas installations, hit by cyberattacks and ransomware campaigns.