- AGCS analysis of more than 1,700 cyber claims: External
events such as "DDoS" attacks result in the most costly cyber losses but internal
incidents like human error or systems failure occur more often, albeit with a
lower financial impact. - Business
interruption is the main cost driver of cyber claims. Inability to access data or services can have a significant impact on
revenues, given growing reliance on online sales. - Rise in ransomware attacks, the cost of larger
data breaches and the Covid-19 working landscape present significant future cyber
risks.
JOHANNESBURG/LONDON/MUNICH/NEW
YORK/PARIS/SAO PAULO/SINGAPORE -�Media OutReach�- 19 November 2020 -�External
attacks on companies result in the most expensive cyber insurance losses but it
is employee mistakes and technical problems that are the most frequent generator
of claims by number, according to a new report from Allianz Global Corporate
& Specialty (AGCS), Managing The Impact Of Increasing
Interconnectivity -- Trends In Cyber Risk. The study analyzes 1,736 cyber-related
insurance claims worth EUR 660mn (US$ 770mn) involving AGCS and other insurers from
2015 to 2020.
�
"Losses from incidents such as distributed
denial of service (DDoS) attacks or phishing and ransomware campaigns account
for a significant majority of the value of cyber claims today," says Catharina
Richter, Global Head of the Allianz
Cyber Center of Competence, which is embedded into AGCS. "But although
cyber crime generates the headlines, everyday systems failures, IT outages and human
error incidents can also cause problems for companies, even if their financial
impact is not, on average as severe. Employers and employees must work together
to raise awareness and increase cyber resilience."
The number of
cyber insurance claims AGCS has been notified of has steadily risen over the
last few years, up from 77 in 2016, when cyber was a relatively new line of
insurance, to 809 in 2019. In 2020, AGCS has already seen 770 claims in the
first three quarters. This steady increase in claims has been driven, in part,
by the growth of the global cyber insurance market which is currently estimated
to be worth $7bn according to Munich Re. AGCS started offering cyber
insurance in 2013 and, in 2019, generated more than EUR 100mn in gross written
premium in this segment. At the same time the report also highlights that there
has been a 70%+ increase in the average cost of cyber crime to an organization
over five years to $13mn and a 60%+ increase in the average number of security breaches.
�
Losses
resulting from external incidents, such as DDoS attacks or phishing and
malware/ransomware campaigns, account for the majority of the value of claims
analyzed (85%) according to the report, followed by malicious internal actions
(9%) -- which are infrequent but can be costly. Accidental internal incidents,
such as employee errors while undertaking daily responsibilities, IT or
platform outages, systems and software migration problems or loss of data account
for over half of cyber claims analyzed by number (54%) but, often, the
financial impact of these is limited compared with cyber crime. However, losses
can quickly escalate in the case of more serious incidents.
�
Business
interruption is the main cost driver behind cyber losses, accounting for around
60% of the value of all claims analyzed in the report, followed by costs
involved with dealing with data breaches.
The cyber risk environment is not
expected to become any easier in future, the report notes. Businesses and
insurers are facing a number of challenges such as the prospect of more
expensive business interruptions, the rising frequency of ransomware incidents,
more costly consequences of larger data breaches given more robust regulation and
litigation, as well as the impact from the playing out of political differences
in cyber space through state-sponsored attacks. The impact of these trends is also
the subject of a new AGCS�podcast.
The huge rise
in remote working due to the coronavirus pandemic is also an issue. Displaced
workforces create new opportunities for cyber criminals to gain access to
networks and sensitive information. Malware
and ransomware incidents are already reported to have increased by more than a
third since the start of 2020, while coronavirus-themed online scams and
phishing campaigns about the pandemic continue. At the same time the
potential impact from human error or technical failure incidents may also be
heightened.
While
exposures are rising, the Covid-19 outbreak cannot yet be said to be a direct
cause of cyber-related claims. AGCS has seen the first few cyber claims that can
be indirectly attributed to the Covid-19 landscape, including ransomware
attacks which can be linked to the shift to more remote working. However, it's
too early to confirm a broader trend.
�
Ransomware threats
surge
Already high in frequency, ransomware incidents are
becoming more damaging, increasingly targeting large companies with
sophisticated attacks and hefty extortion demands. There were nearly half a
million ransomware incidents reported globally last year, costing organizations
at least $6.3bn in ransom demands�alone. Total costs associated with dealing with these
incidents are estimated to be well in excess of $100bn.
�
"High-end hacking tools are more widely
available driven by the growing
'commercialization of cyber-hacks'. Increasingly, criminals are selling malware
to other attackers who then target businesses demanding ransom payments," says Marek Stanislawski, Global Cyber Underwriting
Lead at AGCS. "However, extortion demands are just one part of the picture.
Business interruption can bring the most severe losses -- with downtimes
becoming longer -- while systems and data restoration costs can quickly escalate."
�
Business
interruption and digital supply chain vulnerability growing
"Whether due to ransomware, human error or a
technical fault, the loss of critical systems or data can bring an organization
to its knees in today's digitalized economy," says Joerg Ahrens, Global Head of
Long-Tail Claims at AGCS. "The inability to access data for an extended period
of time can have a significant impact on revenues -- for example, if a company
is unable to take orders. Similarly, if an online platform is unavailable due
to a technical glitch or cyber event, it could bring large losses for companies
that rely on it, particularly given today's increasing reliance on online sales
or digital supply chains."
�
Data breaches and state-sponsored attacks
�
The cost of dealing with a large data breach is
rising as IT systems and cyber events become more complex, and with the growth
in cloud and third-party services. Data privacy regulation, which has recently
been tightened in many countries, is also a key factor driving cost, as is
growing third-party liability and the prospect of class action litigation. So-called
mega data breaches (involving more than one million records) are more frequent
and expensive, now costing $50mn on average, up 20% over 2019.
�
In addition, the impact of the increasing
involvement of nation states in cyber-attacks is a growing concern. Major
events like elections and Covid-19 present significant opportunities. During 2020
Google said it has had to block over 11,000 government-sponsored potential
cyber-attacks per quarter. Recent years have seen critical infrastructure, such
as ports and terminals and oil and gas installations hit by cyber-attacks and
ransomware campaigns.
�
Prepare, practice and prevent
�
Preparation and training of employees can significantly reduce the consequences
of a cyber event, especially in phishing and business email compromise schemes,
which can often involve human error. It can also help mitigate ransomware
attacks, although maintaining secure backups can limit damage. Cross-sector exchange
and cooperation among companies -- such as what has been established by the Charter of Trust -- is
also key when it comes to defying highly commercially-organized cyber crime,
developing joint security standards and improving cyber resilience.
The Covid-19 landscape brings new challenges. With home-working
widespread, security around access and authentication points is critical but
organizations should also ensure there is sufficient network capacity as this
can have a significant impact on lost income if there is an outage.
About Allianz Global Corporate & Specialty SE
Allianz
Global Corporate & Specialty (AGCS) SE is a leading global corporate
insurance carrier and a key business unit of Allianz Group. We provide risk consultancy, Property-Casualty insurance solutions and alternative risk
transfer
for a wide spectrum of commercial, corporate and specialty risks across 10
dedicated lines of business.
Our customers
are as diverse as business can be, ranging from Fortune Global 500 companies to
small businesses, and private individuals. Among them are not only the world's
largest consumer brands, tech companies and the global aviation and shipping
industry, but also wineries, satellite operators or Hollywood film productions.
They all look to AGCS for smart answers to their largest and most complex risks
in a dynamic, multinational business environment and trust us to deliver an
outstanding�claims experience.
Worldwide,
AGCS operates with its own teams in 32 countries and through the
Allianz Group network and partners in over 200 countries and territories,
employing over 4,450 people. As one of the largest Property-Casualty units of Allianz
Group, we are backed by strong and stable financial ratings. In 2019, AGCS
generated a total of �9.1 billion gross premium globally.
www.agcs.allianz.com
Twitter: @AGCS_Insurance
Cautionary Note Regarding Forward-Looking
Statements
The
statements contained herein may include statements of future expectations and
other forward-looking statements that are based on management's current views
and assumptions and involve known and unknown risks and uncertainties that
could cause actual results, performance or events to differ materially from
those expressed or implied in such statements. In addition to statements which
are forward-looking by reason of context, the words "may", "will",
"should", "expects", "plans",
"intends", "anticipates", "believes",
"estimates", "predicts", "potential", or
"continue" and similar expressions identify forward-looking
statements.
Actual
results, performance or events may differ materially from those in such
statements due to, without limitation, (i) general economic conditions,
including in particular economic conditions in the Allianz Group's core
business and core markets, (ii) performance of financial markets, including
emerging markets, and including market volatility, liquidity and credit events
(iii) the frequency and severity of insured loss events, including from natural
catastrophes and including the development of loss expenses, (iv) mortality and
morbidity levels and trends, (v) persistency levels, (vi) the extent of credit
defaults, (vii) interest rate levels, (viii) currency exchange rates including
the Euro/U.S. Dollar exchange rate, (ix) changing levels of competition, (x)
changes in laws and regulations, including monetary convergence and the
European Monetary Union, (xi) changes in the policies of central banks and/or
foreign governments, (xii) the impact of acquisitions, including related
integration issues, (xiii) reorganization measures, and (xiv) general
competitive factors, in each case on a local, regional, national and/or global
basis. Many of these factors may be more likely to occur, or more pronounced,
as a result of terrorist activities and their consequences.
The matters
discussed herein may also be affected by risks and uncertainties described from
time to time in Allianz SE's filings with the U.S. Securities and Exchange
Commission. The company assumes no obligation to update any forward-looking
statement.