Allianz Global
Corporate & Specialty
Allianz Global
Corporate & Specialty
Ransomware remains a top cyber risk for organizations globally while business email compromise incidents are on the rise and will increase further in the ‘deep fake’ era. At the same time, the war in Ukraine and wider geopolitical tensions are a major concern as hostilities could spill over into cyber space and cause targeted attacks against companies, infrastructure or supply chains, according to a new report from Allianz Global Corporate & Specialty (AGCS).
The insurer’s annual review of the cyber risk landscape also highlights the emerging threats posed by the growing reliance on cloud services, an evolving third-party liability landscape that means higher compensation and penalties, as well as the impact of a shortage of cyber security professionals. Such potential vulnerabilities mean that today a company’s cyber security resilience is scrutinized by more parties than ever before, including global investors, meaning many firms now rank it as their major environmental, social, and governance (ESG) risk concern, the report notes.
“The cyber risk landscape doesn’t allow for any resting on laurels. Ransomware and phishing scams are as active as ever and on top of that there is the prospect of a hybrid cyber war,” says Scott Sayce, Global Head of Cyber at AGCS and Group Head of the Cyber Centre of Competence. “Most companies will not be able to evade a cyber threat. However, it is clear that organizations with good cyber maturity are better equipped to deal with incidents. Even when they are attacked, losses are typically less severe due to established identification and response mechanisms.
“Although we see good progress, our experience also shows that many companies still need to strengthen their cyber controls, particularly around IT security trainings, better network segmentation for critical environments and cyber incident response plans and security governance. As a cyber insurer we are willing to go beyond pure risk transfer, helping clients to adapt to a changing risk landscape and raising their protection levels.”
Around the world, the frequency of ransomware attacks remains high, as do related claims costs. There was a record 623 million attacks in 2021, double that of 2020. Although frequency reduced by 23% globally during the first half of 2022, the year-to-date total still exceeds that of the full years of 2017, 2018 and 2019, while Europe saw attacks surge over this period. Ransomware is forecast to cause $30bn in damages to organizations globally by 2023. From an AGCS perspective, the value of ransomware claims the company was involved in together with other insurers, accounted for well over 50% of all cyber claims costs during 2020 and 2021.
“The cost of ransomware attacks has increased as criminals have targeted larger companies, critical infrastructure and supply chains. Criminals have honed their tactics to extort more money,” Sayce explains. “Double and triple extortion attacks are now the norm – besides the encryption of systems, sensitive data is increasingly stolen and used as a leverage for extortion demands to business partners, suppliers or customers.” Ransomware severity is likely to remain a key threat for businesses, fueled by the growing sophistication of gangs and rising inflation, which is reflected in the increased cost of IT and cyber security specialists.
Increasingly, smaller and mid-sized companies which often lack controls and resources to invest in cyber security are being targeted by gangs as larger businesses invest more heavily in security. Gangs are also using a wide range of harrassment techniques, are tailoring their ransom demands to specific companies and are using expert negotiators to maximize returns.
The war in Ukraine and wider geopolitical tensions are a major factor reshaping the cyber threat landscape as it increases the risk of espionage, sabotage and destructive cyber-attacks against companies with ties to Russia and Ukraine, as well as allies and those in neighboring countries. State-sponsored cyber acts could potentially target critical infrastructure, supply chains or corporations. “As yet the war between Russia and Ukraine has not led to a notable uptick in cyber insurance claims, however it does point to a potentially increased risk from nation-states,” Sayce explains. Although acts of war are typically excluded from traditional insurance products, the risk of a hybrid cyber war has accelerated efforts in the insurance market to address the issue of war and state-sponsored cyber attacks in wordings and provide clarity of cover for customers.
AGCS experts identify a number of other trends in the ‘Cyber: The changing threat landscape’ report including:
In response to a more complex risk environment and increasing cyber claims activity, the insurance industry is more diligently assessing companies’ cyber risk profiles in a bid to incentivize companies to improve their security and risk management controls.
“The good news is that we are now seeing a very different conversation on the quality of cyber risk than a few years ago,” says Sayce. “We are gaining much better insights and appreciate clients going the extra mile in order to provide comprehensive data to us. This also helps us to provide more value and offer useful information and advice to customers, such as which controls are most effective or where to further improve risk management and response approaches. The net result should be fewer – or less significant – cyber events for our customers and fewer claims for us. Such collaboration will also help in creating a long-term sustainable cyber insurance market which not only relies on traditional coverages but, increasingly, on integrating cyber risks into captive programs and other alternative risk transfer concepts.”
Expert risk article
The global rollout of the 5G network promises unprecedented levels of potential but also brings a proliferation of risks.
Magazine
We’re discussing the burning issues and emerging exposures in global risk management, designed to help you navigate through eventful times.
Report
This report highlights some of the main cyber risk trends we see from an underwriting, risk consulting and claims perspective.
Expert risk article
From ransomware identification, user awareness and business continuity planning to backups: What does good IT security look like?
Campaign
For multinational business. For settling your claims. For tackling all risks ahead.
Report
We examine global developments in corporate insurance claims, highlighting the top causes of loss for companies and other trends to watch.
Interview with Chief Claims Officer
Russia’s war in Ukraine continues unabated, and the potential impact on the insurance industry is increasingly coming into question.
Video
Solutions we can offer the technology, media and telecommunications (TMT) industry market.
Podcast
We took our podcast series out of the office and over to the RIMS 2022 conference to speak to some of our clients , brokers and experts.
Expert risk article
Jody Yee discusses some of the main drivers behind the top risks facing the sector – from the specter of cybercrime to the acute talent shortage.
Expert risk article
Financial services companies are facing multiple risk management challenges. However, it is a number of “non-financial” risks that are most concerning.
Global | Press release
AGCS appoints Vanessa Maxwell as new Global Head of Financial Lines. In this role she will succeed – and also subsequently report to – Shanil Williams.
Allianz Risk Barometer 2022 | Expert risk article
Fire and explosion, Shortage of skilled workforce, Market developments and Macroeconomic developments: Risks ranked 7-10 in this year's Risk Barometer.
Allianz Risk Barometer 2022 | Expert risk article
Cyber risk hits the top spot, with a series of ransomware attacks, combined with problems caused by accelerating digitalization and remote working.
Global | Press release
Cyber perils are the biggest concern for companies globally in 2022, according to the Allianz Risk Barometer. Read the full press release.
Allianz Global Corporate & Specialty (AGCS) is a leading global corporate insurance carrier and a key business unit of Allianz Group. We provide risk consultancy, Property-Casualty insurance solutions and alternative risk transfer for a wide spectrum of commercial, corporate and specialty risks across nine dedicated lines of business and six regional hubs.
Our customers are as diverse as business can be, ranging from Fortune Global 500 companies to small businesses. Among them are not only the world’s largest consumer brands, financial institutions, tech companies and the global aviation and shipping industry, but also floating wind parks or Hollywood film productions. They all look to AGCS for smart solutions and global programs to their largest and most complex risks in a dynamic, multinational business environment and trust us to deliver an outstanding claims experience.
Worldwide, AGCS operates with its own teams in more than 30 countries and through the Allianz Group network and partners in over 200 countries and territories, employing around 4,250 people. As one of the largest Property-Casualty units of Allianz Group, we are backed by strong and stable financial ratings. In 2021, AGCS generated a total of €9.5 billion gross premium globally.
source