Allianz: Cyber crime brings expensive losses for companies, but internal failures most frequent cause of cyber claims

November 19, 2020 - 02:17
Allianz: Cyber crime brings expensive losses for companies, but internal failures most frequent cause of cyber claims

  • AGCS analysis of more than 1,700 cyber claims: Externalevents such as "DDoS" attacks result in the most costly cyber losses but internalincidents like human error or systems failure occur more often, albeit with alower financial impact.
  • Businessinterruption is the main cost driver of cyber claims. Inability to access data or services can have a significant impact onrevenues, given growing reliance on online sales.
  • Rise in ransomware attacks, the cost of largerdata breaches and the Covid-19 working landscape present significant future cyberrisks.

JOHANNESBURG/LONDON/MUNICH/NEWYORK/PARIS/SAO PAULO/SINGAPORE - Media OutReach - 19 November 2020 - Externalattacks on companies result in the most expensive cyber insurance losses but itis employee mistakes and technical problems that are the most frequent generatorof claims by number, according to a new report from Allianz Global Corporate& Specialty (AGCS), Managing The Impact Of IncreasingInterconnectivity -- Trends In Cyber Risk. The study analyzes 1,736 cyber-relatedinsurance claims worth EUR 660mn (US$ 770mn) involving AGCS and other insurers from2015 to 2020.


"Losses from incidents such as distributeddenial of service (DDoS) attacks or phishing and ransomware campaigns accountfor a significant majority of the value of cyber claims today," says CatharinaRichter, Global Head of the AllianzCyber Center of Competence, which is embedded into AGCS. "But althoughcyber crime generates the headlines, everyday systems failures, IT outages and humanerror incidents can also cause problems for companies, even if their financialimpact is not, on average as severe. Employers and employees must work togetherto raise awareness and increase cyber resilience."

The number ofcyber insurance claims AGCS has been notified of has steadily risen over thelast few years, up from 77 in 2016, when cyber was a relatively new line ofinsurance, to 809 in 2019. In 2020, AGCS has already seen 770 claims in thefirst three quarters. This steady increase in claims has been driven, in part,by the growth of the global cyber insurance market which is currently estimatedto be worth $7bn according to Munich Re. AGCS started offering cyberinsurance in 2013 and, in 2019, generated more than EUR 100mn in gross writtenpremium in this segment. At the same time the report also highlights that therehas been a 70%+ increase in the average cost of cyber crime to an organizationover five years to $13mn and a 60%+ increase in the average number of security breaches.


Lossesresulting from external incidents, such as DDoS attacks or phishing andmalware/ransomware campaigns, account for the majority of the value of claimsanalyzed (85%) according to the report, followed by malicious internal actions(9%) -- which are infrequent but can be costly. Accidental internal incidents,such as employee errors while undertaking daily responsibilities, IT orplatform outages, systems and software migration problems or loss of data accountfor over half of cyber claims analyzed by number (54%) but, often, thefinancial impact of these is limited compared with cyber crime. However, lossescan quickly escalate in the case of more serious incidents.


Businessinterruption is the main cost driver behind cyber losses, accounting for around60% of the value of all claims analyzed in the report, followed by costsinvolved with dealing with data breaches.

The cyber risk environment is notexpected to become any easier in future, the report notes. Businesses andinsurers are facing a number of challenges such as the prospect of moreexpensive business interruptions, the rising frequency of ransomware incidents,more costly consequences of larger data breaches given more robust regulation andlitigation, as well as the impact from the playing out of political differencesin cyber space through state-sponsored attacks. The impact of these trends is alsothe subject of a new AGCS podcast.

The huge risein remote working due to the coronavirus pandemic is also an issue. Displacedworkforces create new opportunities for cyber criminals to gain access tonetworks and sensitive information. Malwareand ransomware incidents are already reported to have increased by more than athird since the start of 2020, while coronavirus-themed online scams andphishing campaigns about the pandemic continue. At the same time thepotential impact from human error or technical failure incidents may also beheightened.

Whileexposures are rising, the Covid-19 outbreak cannot yet be said to be a directcause of cyber-related claims. AGCS has seen the first few cyber claims that canbe indirectly attributed to the Covid-19 landscape, including ransomwareattacks which can be linked to the shift to more remote working. However, it'stoo early to confirm a broader trend.


Ransomware threatssurge

Already high in frequency, ransomware incidents arebecoming more damaging, increasingly targeting large companies withsophisticated attacks and hefty extortion demands. There were nearly half amillion ransomware incidents reported globally last year, costing organizationsat least $6.3bn in ransom demands alone. Total costs associated with dealing with theseincidents are estimated to be well in excess of $100bn.


"High-end hacking tools are more widelyavailable driven by the growing'commercialization of cyber-hacks'. Increasingly, criminals are selling malwareto other attackers who then target businesses demanding ransom payments," says Marek Stanislawski, Global Cyber UnderwritingLead at AGCS. "However, extortion demands are just one part of the picture.Business interruption can bring the most severe losses -- with downtimesbecoming longer -- while systems and data restoration costs can quickly escalate."


Businessinterruption and digital supply chain vulnerability growing

"Whether due to ransomware, human error or atechnical fault, the loss of critical systems or data can bring an organizationto its knees in today's digitalized economy," says Joerg Ahrens, Global Head ofLong-Tail Claims at AGCS. "The inability to access data for an extended periodof time can have a significant impact on revenues -- for example, if a companyis unable to take orders. Similarly, if an online platform is unavailable dueto a technical glitch or cyber event, it could bring large losses for companiesthat rely on it, particularly given today's increasing reliance on online salesor digital supply chains."


Data breaches and state-sponsored attacks


The cost of dealing with a large data breach isrising as IT systems and cyber events become more complex, and with the growthin cloud and third-party services. Data privacy regulation, which has recentlybeen tightened in many countries, is also a key factor driving cost, as isgrowing third-party liability and the prospect of class action litigation. So-calledmega data breaches (involving more than one million records) are more frequentand expensive, now costing $50mn on average, up 20% over 2019.


In addition, the impact of the increasinginvolvement of nation states in cyber-attacks is a growing concern. Majorevents like elections and Covid-19 present significant opportunities. During 2020Google said it has had to block over 11,000 government-sponsored potentialcyber-attacks per quarter. Recent years have seen critical infrastructure, suchas ports and terminals and oil and gas installations hit by cyber-attacks andransomware campaigns.


Prepare, practice and prevent


Preparation and training of employees can significantly reduce the consequencesof a cyber event, especially in phishing and business email compromise schemes,which can often involve human error. It can also help mitigate ransomwareattacks, although maintaining secure backups can limit damage. Cross-sector exchangeand cooperation among companies -- such as what has been established by the Charter of Trust -- isalso key when it comes to defying highly commercially-organized cyber crime,developing joint security standards and improving cyber resilience.

The Covid-19 landscape brings new challenges. With home-workingwidespread, security around access and authentication points is critical butorganizations should also ensure there is sufficient network capacity as thiscan have a significant impact on lost income if there is an outage.

About Allianz Global Corporate & Specialty SE

AllianzGlobal Corporate & Specialty (AGCS) SE is a leading global corporateinsurance carrier and a key business unit of Allianz Group. We provide risk consultancy, Property-Casualty insurance solutions and alternative risktransferfor a wide spectrum of commercial, corporate and specialty risks across 10dedicated lines of business.

Our customersare as diverse as business can be, ranging from Fortune Global 500 companies tosmall businesses, and private individuals. Among them are not only the world'slargest consumer brands, tech companies and the global aviation and shippingindustry, but also wineries, satellite operators or Hollywood film productions.They all look to AGCS for smart answers to their largest and most complex risksin a dynamic, multinational business environment and trust us to deliver anoutstanding claims experience.

Worldwide,AGCS operates with its own teams in 32 countries and through theAllianz Group network and partners in over 200 countries and territories,employing over 4,450 people. As one of the largest Property-Casualty units of AllianzGroup, we are backed by strong and stable financial ratings. In 2019, AGCSgenerated a total of €9.1 billion gross premium globally.




Cautionary Note Regarding Forward-LookingStatements

Thestatements contained herein may include statements of future expectations andother forward-looking statements that are based on management's current viewsand assumptions and involve known and unknown risks and uncertainties thatcould cause actual results, performance or events to differ materially fromthose expressed or implied in such statements. In addition to statements whichare forward-looking by reason of context, the words "may", "will","should", "expects", "plans","intends", "anticipates", "believes","estimates", "predicts", "potential", or"continue" and similar expressions identify forward-lookingstatements.

Actualresults, performance or events may differ materially from those in suchstatements due to, without limitation, (i) general economic conditions,including in particular economic conditions in the Allianz Group's corebusiness and core markets, (ii) performance of financial markets, includingemerging markets, and including market volatility, liquidity and credit events(iii) the frequency and severity of insured loss events, including from naturalcatastrophes and including the development of loss expenses, (iv) mortality andmorbidity levels and trends, (v) persistency levels, (vi) the extent of creditdefaults, (vii) interest rate levels, (viii) currency exchange rates includingthe Euro/U.S. Dollar exchange rate, (ix) changing levels of competition, (x)changes in laws and regulations, including monetary convergence and theEuropean Monetary Union, (xi) changes in the policies of central banks and/orforeign governments, (xii) the impact of acquisitions, including relatedintegration issues, (xiii) reorganization measures, and (xiv) generalcompetitive factors, in each case on a local, regional, national and/or globalbasis. Many of these factors may be more likely to occur, or more pronounced,as a result of terrorist activities and their consequences.

The mattersdiscussed herein may also be affected by risks and uncertainties described fromtime to time in Allianz SE's filings with the U.S. Securities and ExchangeCommission. The company assumes no obligation to update any forward-lookingstatement.