BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.
To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.
To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.
Business interruption losses accounted for 60% of cyber insurance claims in the past five years, according to a report published Thursday by Allianz Global Corporate & Specialty SE.
AGCS’s analysis of more than 1,700 cyber insurance claims worth €660 million ($781.5 million) in the past five years also reveals that the average cost of cybercrime for organizations has increased 70% to $13 million. Meanwhile, the number of attacks has risen by 60%.
There has also been a further increase in the number of cyber claims this year, AGCS said. There were 770 claims lodged with AGCS in the first nine months of 2020. This follows 809 for the whole of 2019. But AGCS said it is too early tell if this uptick is being caused by COVID-19.
Business interruption can bring the most severe cyber losses, with downtimes becoming longer, and systems and data restoration costs can quickly escalate, AGCS said.
“Whether due to ransomware, human error or a technical fault, the loss of critical systems or data can bring an organization to its knees in today’s digitalized economy,” Joerg Ahrens, global head of long-tail claims at AGCS, said in a statement. “If an online platform is unavailable due to a technical glitch or cyber event, it could bring large losses for companies that rely on it, particularly given today’s increasing reliance on online sales or digital supply chains,” Mr. Ahrens said.
While external cyberattacks cause the most expensive cyber insurance losses, employee mistakes and technical problems result in the greatest number of claims, the report said.
AGCS said more than half (54%) of claims were down to accidental internal incidents, such as employee error or outages, but losses were small.
When it comes to value, cyberattacks – including distributed denial of service (DDoS), phishing and malware – accounted for the majority of claims analyzed by AGCS (85%). Malicious internal actions accounted for 9% of losses.
“Losses from incidents such as DDoS attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today,” Catharina Richter, global head of Allianz’s Cyber Center of Competence said in the statement.
Almost half a million ransomware incidents were reported globally last year, costing at least $6.3 billion in ransom demands. Total costs are thought to be in excess of $100 billion.
“Although cybercrime generates the headlines, everyday systems failures, IT outages and human-error incidents can also cause problems for companies, even if their financial impact is not, on average, as severe. Employers and employees must work together to raise awareness and increase cyber resilience,” Ms. Richter said.
Businesses and insurers face more expensive business interruptions in the future, alongside other challenges such as more ransomware incidents, higher costs from large data breaches and greater risk from state-sponsored attacks, AGCS said.
Mega data breaches, which involve more than one million records, now cost an average of $50 million, up 20% compared to 2019, AGCS said.
Higher levels of remote working caused by Covid-19 have created new opportunities for cybercriminals to access networks, alongside coronavirus-themed online scams and phishing campaigns, the report said.
Malware and ransomware incidents have increased by more than a third since the start of 2020, AGCS said. But while exposures are rising, it is too early to tell if this is directly linked to COVID-19.
“AGCS has seen the first few cyber claims that can be indirectly attributed to the COVID-19 landscape, including ransomware attacks that can be linked to the shift to more remote working. However, it’s too early to confirm a broader trend,” it said.
Commercial Risk Europe is a sister publication of Business Insurance. More stories from CRE here.
Dave Waterson, chief executive of software security provider SentryBay, expects a 40% rise in cyber attacks next year, Continuity Central reports. Work from home policies, implemented to curtail the spread of the COVID-19 pandemic, have exposed smaller enterprises to a level of sophisticated cyber attacks ordinarily reserved for large multi-nationals, Mr. Waterson said.