This year’s Allianz Risk Barometer 2020, from top global insurer Allianz Global Corporate & Speciality (AGCS), puts cyber incidents up two places from last years list to the greatest threat to businesses in 2020.
Cyber incidents now overtake “business interruption,” last year’s number one threat and the top threat for the previous seven years. It’s a category which includes riots, civil unrest, terrorism, natural disasters, and fires.
Cyber incidents are more damaging and expensive
The 9th annual Allianz risk survey saw its highest participation, over 2,700 experts from more than 100 countries. The participants included CEOs, risk managers, brokers and insurance agents. As per a press release for the report:
“Cyber incidents have become more damaging and expensive for companies – and often result in lawsuits and litigation after the event.”
Of the respondents, 39% indicated cybersecurity was their greatest business threat. The figure was 37% for business interruption.
“Awareness of cyber threats has grown rapidly in recent years, driven by companies increasing reliance on data and IT systems and a number of high-profile incidents.”
In the barometer seven years ago, cyber incidents were far lower on the risk list, in 15th place with just 6% of responses. Joachim Müller, AGCS CEO says:
“The Allianz Risk Barometer 2020 highlights that cyber risk and climate change are two significant challenges that companies need to watch closely in the new decade. Of course, there are many other damage and disruption scenarios to contend with, but if corporate boards and risk managers fail to address cyber and climate change risks, this will likely have a critical impact on their companies’ operational performance, financial results and reputation with key stakeholders. Preparing and planning for cyber and climate change risks is both a matter of competitive advantage and business resilience in the era of digitalization and global warming.”
Climate change achieved its highest position yet on the Allianz list, climbing to 7th place.
Not only was cybersecurity indicated as the biggest challenge companies are facing in 2020 globally, but it was in the top three risks for most countries including the UK, US, Austria, Belgium, France, Spain, Sweden and Switzerland.
– Watch our free taster sketch “Phishing Emails in Real life” from our hilarious Sketches security awareness training series
Data breaches, ransomware, spoofing attacks and penalties from regulators
The report points to the threat of larger and more expensive data breaches, the rising number of ransomware and spoofing attacks but also the prospect of fines and litigation. Such fines coming from the increasing amount of data privacy legislation globally, such as GDPR in the UK. Allianz puts a large data breach, of a size of one million records or more, as costing an average of $42 million. This figure is up 8% year-on-year.
Marek Stanislawski, Deputy Global Head of Cyber for AGCS, says:
“Incidents are becoming more damaging, increasingly targeting large companies with sophisticated attacks and hefty extortion demands. Five years ago, a typical ransomware demand would have been in the tens of thousands of dollars. Now they can be in the millions.”
Human error and business loss can be mitigated by security awareness training
There is also a wider impact of cyber incidents, and that’s business interruption losses as a result of downtime, the unavailability of data, systems, or technology. That’s whether it’s a ransomware attack, a technical glitch, or a cyber-attack. Stanislawski adds:
“Many incidents are the results of human error and can be mitigated by staff awareness trainings which are not yet a routine practice across companies.”
At The Defence Works we understand both the growing cybersecurity threat and the need for security awareness which can prevent accidental breaches but also enable employees to identify attacks before they take hold in a corporate system.
Security awareness training works by addressing a number of areas that cause security vulnerabilities. It concentrates on major threats such as phishing and the importance of security hygiene. Security awareness teaches every employee about the danger of cyber incidents and how to incorporate a consciousness of cybersecurity into their every activity.
Want access to the world’s most interactive security awareness training? Sign up for a free demo and find out how we’re already helping organisations just like yours.
Subscribe to the Proofpoint Blog