Business Interruption Is the Main Cost Driver of Cyber Insurance Claims, Says Allianz

  • External attacks cause the most costly cyber losses, but internal incidents like human error or systems failure are more frequent
  • Inability to access data or services can affect revenues significantly, given growing reliance on online sales
  • Rise in ransomware attacks, the cost of lmega breaches and the Covid-19 working landscape present significant cyber risks for the future

External attacks on companies result in the most expensive cyber insurance losses, but employee mistakes and technical problems are the most frequent generator of claims, according to a report from Allianz Global Corporate & Specialty (AGCS), a business unit of Allianz Group.

The study, Managing the Impact Of Increasing Interconnectivity – Trends In Cyber Risk, analyzes 1,736 cyber-related insurance claims worth EUR 660 million (US$ 770 million) involving AGCS and other insurers from 2015 to 2020.

In 2016, when cyber was a relatively new line of insurance, AGCS had been notified of 77 cyber insurance claims, according to the report. That number rose to 809 in 2019 and, in 2020, the corporate insurance carrier has seen 770 claims in the first three quarters alone. A key reason for this steady increase is a 70% rise in the average cost of a cybercrime and a 60% increase in the average number of security breaches.

Losses resulting from DDoS attacks, phishing and malware account for 85% of the value of claims analyzedThese are followed by malicious internal actions, accidental internal incidents, IT or platform outages, systems and software migration problems or loss of data.

The potential impact from human error or technical failure incidents may also be heightened by the huge rise in remote working due to the coronavirus pandemic.

The main cost driver behind cyber losses is business interruption, which accounts for around 60% of the value of all claims analyzed. Costs involved with dealing with data breaches add to the tally.

“Businesses and insurers are facing a number of challenges such as the prospect of more expensive business interruptions, the rising frequency of ransomware incidents, more costly consequences of larger data breaches given more robust regulation and litigation, as well as the impact from the playing out of political differences in cyber space through state-sponsored attacks,” AGCS notes in a press release promoting the study.

Ransomware incidents are becoming more damaging, the analysis finds. Malicious actors increasingly target large companies with sophisticated attacks and ever-bigger extortion demands. Total costs associated with dealing with ransomware incidents are estimated to exceed $100 billion in the five-year period tracked by the study.

“High-end hacking tools are more widely available driven by the growing ‘commercialization of cyber-hacks’. Increasingly, criminals are selling malware to other attackers who then target businesses demanding ransom payments,” says Marek Stanislawski, Global Cyber Underwriting Lead at AGCS. “However, extortion demands are just one part of the picture. Business interruption can bring the most severe losses – with downtimes becoming longer – while systems and data restoration costs can quickly escalate.”

As IT systems and cyber events become more complex, and with the growth in cloud and third-party services, the cost of dealing with a large data breach is also rising. Mega breaches (involving one million or more records), as they’re called in the infosec industry, are more frequent and expensive, now costing $50mn on average, up 20% over 2019, AGCS analysts found.

Finally, the increasing involvement of nation states in cyber-attacks is a growing concern, according to the insurer. Major events like elections and Covid-19 present significant opportunities for state-sponsored actors, as do critical infrastructures like ports and terminals, and oil and gas installations.