Business interruption (BI) continues to lead the ranking of global corporate risks for the fifth year in a row according to the sixth annual Allianz Risk Barometer, which surveys over 1,200 risk managers and corporate insurance experts from more than 50 countries.
“Companies worldwide are bracing for a year of uncertainty,” says Chris Fischer Hirs, CEO of Allianz Global Corporate & Specialty SE. “Unpredictable changes in the legal, geopolitical and market environment around the world are constant items on the agenda of risk managers and the C-suite. A range of new risks are emerging which require re-thinking of current monitoring and risk management tools.”
“In Australia, BI is a concern because it is all too often a poorly understood exposure that has the potential to be very damaging to client’s business if it is not insured correctly,” says James Stack, Head of Market Management of Allianz Global Corporate & Specialty – Pacific.
“Damage to a tangible asset such as a building is relatively easy to understand and insure appropriately, but loss of income arising from damage to that asset brings an added level of complexity that makes it inherently harder to comprehend and quantify. Brokers, Insurers and Clients need to get to grips with how much of their business would be lost from an event and how the loss of any one site would impact the business more generally. Combine this with factors such as calculating the correct sum insured and calculating the correct indemnity period for any potential interruption and it can result in a lot of work to get it insured correctly. ”
In Australia, companies are persistently targeted by a broad range of malicious cyber activities, risking the profitability, competitiveness and reputation of their business, states Stack.
— Allianz (@Allianz) January 13, 2017
“Some of the more common incidents to have occurred in Australia are Cyber Extortion, Cyber Theft and Denial of Service Attacks. In Australia, many of these remain undetected or unreported. No company or industry is immune from these incidents, with smaller companies often targeted due to their less mature and robust systems whilst large companies remain victims due to the volume and nature of data held. Australian businesses are vulnerable not only to the financial cost of such incidents, for example business interruption, cost of repairs and remediation work but perhaps more importantly their reputation to their customers, employees and shareholders.”
Businesses and their processes are becoming ever more connected to the online world as part of the “Internet of Things” phenomenon. Smart devices and technology are becoming more prevalent in businesses and homes whether it is the use of apps for internal or external use, smart home technologies, or mobile payments.
All of these new technologies create additional access points to a company’s network and make them more susceptible to cyber attacks. The entire supply chain can now be exposed at multiple points given increased connectivity to networks, which is shifting the cause of supply chain disruptions from historically manual and human errors to digital and cyber ones.
Outsourcing and the Cloud, whilst not new, also remains a major risk to established businesses in Australia – whilst data management, hosting and internet services may be outsourced, the company still remains responsible for that data and hence is exposed not only too attacks on its own systems, but also to its third party vendors.”
“The causes of BI depend on the account in question but, generally the three main causes for BI in Australia according to Stack are natural catastrophe exposure, supply chain interruption and large fire/ explosion” says Stack.
Results also show that smaller companies may be underestimating cyber risk: in this category (revenues <€250 million), cyber ranks only number six. However, the impact of a serious incident could be much more damaging for such firms.
Stack encourages brokers to share the findings of the risk barometer with their clients.
“In particular the break down at industry level. Be inquisitive with clients about the level of understanding of risk they are facing and the risk transfer solutions that may be available to them.”