The global cyber insurance market is expected to skyrocket in the next decade, with new research revealing that cyber risks are moving well beyond privacy and reputation.
A new report released by Allianz Global Corporate & Speciality (AGCS) states that new risk exposures are predicted to push the global cyber insurance market upward of $20 billion by 2025.
Cyber risks are moving beyond established threats, such as data breach, privacy and reputational damage, to encompass far more detrimental issues, including operational damage and business interruption.
The interconnectivity of electronic devices and business is breeding a new level of risk complexity. Businesses are urged to develop a cyber security culture with stakeholders in an effort to share risk management knowledge.
According to the report, fewer than 10% of companies currently purchase cyber-specific policies.
“As recently as 15 years ago, cyber attacks were fairly rudimentary and typically the work of hacktivists, but with increasing interconnectivity, globalisation and the commercialisation of cyber crime there has been an explosion in both frequency and severity of cyber attacks,” says AGCS CEO Chris Fischer Hirs.
“Cyber insurance is no replacement for robust IT security but it creates a second line of defence to mitigate cyber incidents.”
AGCS warns that a new generation of complex cyber risk is burgeoning, with future risks likely to be associated with intellectual property theft, cyber extortion, business interruption (BI) following cyber attack, and operational and technical failure.
Cyber expert in AGCS’s global property underwriting team Georgi Pachov says that BI is developing into a crucial aspect of cyber threat.
“Awareness of BI risks and insurance related to cyber and technology is increasing,” Pachov says.
“Within the next five to 10 years BI will be seen as a key risk and a major element of the cyber insurance landscape.” [Click to tweet]
Companies are advised to address the growing threat of cyber attack with a comprehensive risk management plan, considered fundamental to the success of any cyber defence strategy.
AGCS recommends a shared approach to handling cyber risk, suggesting that stakeholders from across the business collaborate to share knowledge, propagate awareness and lead action.
Cross-company participation has been identified as an key component to cyber risk mitigation, with companies more easily able to identify vital assets at risk and develop crisis response plans.
Cyber expert for AGCS Pacific Max Broodryk says that a sound cyber defence strategy goes beyond purchasing cyber insurance.
“Once you have purchased cyber insurance it does not mean that you can ignore IT security,” Broodryk says.
“The technological, operational and insurance aspects of risk management go hand in hand.”
Cyber risk is currently estimated to cost the Australian economy 0.08% of GDP per year – approximately $1.3 billion.