Data breaches undoubtedly cost organizations massive losses not only in financials but also in reputation. However, the latest report by Allianz Global Corporate & Specialty (AGCS) titled “Managing The Impact Of Increasing Interconnectivity — Trends In Cyber Risk” saw that it was employees’ mistakes that largely cause these attacks.
“Losses from incidents such as distributed denial of service (DDoS) attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today,” said Catharina Richter, global head of the Allianz Cyber Center of Competence, which is embedded into AGCS.
The study analyzes 1,736 cyber-related insurance claims worth EUR 660mn (US$ 770mn) involving AGCS and other insurers from 2015 to 2020.
Allianz: APAC companies rank cyber incidents as top business risk
Kaspersky predicts APT attacks will evolve in 2021
“But although cybercrime generates the headlines, everyday systems failures, IT outages and human error incidents can also cause problems for companies, even if their financial impact is not, on average as severe. Employers and employees must work together to raise awareness and increase cyber resilience,” Richter said.
The number of cyber insurance claims AGCS has been notified of has steadily risen over the last few years, up from 77 in 2016, when cyber was a relatively new line of insurance, to 809 in 2019. In 2020, AGCS has already seen 770 claims in the first three quarters. This steady increase in claims has been driven, in part, by the growth of the global cyber insurance market which is currently estimated to be worth $7 billion, according to Munich Re.
Cyber insurance
AGCS SE is a global corporate insurance carrier and a key business unit of Allianz Group. It provides risk consultancy, Property-Casualty insurance solutions, and alternative risk transfer for a wide spectrum of commercial, corporate, and specialty risks across 10 dedicated lines of business.
AGCS started offering cyber insurance in 2013. In 2019, it generated more than 100 million euros in gross written premium in this segment. At the same time, the report also highlights that there has been over 70% increase in the average cost of cybercrime to an organization over five years to $13 million and a more than 60% increase in the average number of security breaches.
Losses resulting from external incidents, such as DDoS attacks or phishing and malware or ransomware campaigns, account for the majority of the value of claims analyzed (85%) according to the report, followed by malicious internal actions (9%), which are infrequent but can be costly. Accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems, and software migration problems or loss of data account for over half of cyber claims…
Read More: Companies lose money from cyber attacks caused by human error – Back End