The threat to companies from cyber risks remains high and can be existential, says MRH Trowe. Data theft, business interruption and loss of reputation are among the main losses caused by cyberattacks. Damage amounts are easily in the five- to six-figure range. It’s a growing problem, and here’s an overview of the challenges the insurance sector faces:
Risk situation and risk development
In 2023, there was a significant increase in complex cyber risks. About one in five companies in Germany has been the victim of a cyber attack. On average, an initial attack (intrusion) takes place eleven months before the actual cyber attack. This development is mainly due to advancing digitization and networking. Of particular note here are ransomware attacks and data breaches, which have increased in frequency and severity. The coronavirus pandemic has accelerated this development, as teleworking and working from home continue to pose a high security risk due to the use of private networks and devices. These trends have led to a significant increase in claims costs.
Geopolitical tensions and the economic downturn have further impacted the cybersecurity landscape. Companies were increasingly targeted by cybercrime, which further increased the need for effective cyber insurance.
Market reactions and innovations
The market reacted to these developments with new providers and the introduction of new products and services tailored to specific needs and new risks. These adjustments were necessary to meet the constantly changing threat situations. Nowadays, companies assume that cyber attacks are inevitable. Therefore, they should take precautions early on to be prepared for possible claims.
The year 2023 was also marked by technological innovations and stricter data protection and cybersecurity regulations. The revised EU Directive for Network and Information Security (NIS 2) marks a turning point in the fight against cyber attacks. The updated directive now also requires small and medium-sized enterprises (SMEs) to strengthen cybersecurity in companies across Europe and reduce the overall threat situation. In doing so, it focuses on the managing directors and CEOs of companies, because they will have to give IT security a much higher priority in the future in order to avoid personal liability.

For risk protection through cyber insurance, this has several consequences that reflect the growing and more complex cyber risks:
- Extended coverage: In view of the increasing complexity of cyber risks, it will be necessary to expand the areas of coverage. This includes not only the traditional risks such as data loss or business interruptions, but also newer risks such as cloud outages, IoT-related risks, or AI-related incidents.
- Specialized products: Specialized insurance products are increasingly being developed for sectors with particularly high risks, such as financial services, healthcare and energy supply. These take into account the specific threat scenarios and requirements of these industries.
- Flexible policies: Customizable and modular insurance policies that allow companies to choose and customize coverage according to their specific needs are gaining traction.
Current assessment
The cyber insurance market is in a phase of intense dynamics and is facing major challenges. Digital transformation has led to an exponential increase in cyber risks. Organizations of all sizes and industries are facing advanced and diverse cyber attacks. Ransomware attacks, in particular, have reached a worrying frequency and sophistication. The integration of IoT devices and reliance on cloud services lead to new attack vectors and increase vulnerability to security breaches. The advancement of AI technology makes it easier for cybercriminals to develop complex attack tools. This can make it much more difficult to detect and defend against cyber attacks. This development presents both companies and cyber insurers with the challenge of continuously reassessing risks and adapting their offerings accordingly.
In a world where cyber risks are increasingly complex and dynamic, it is crucial not only to rely on adequate cyber insurance, but also to invest in effective internal risk management. Cybersecurity strategies must be continuously reviewed and adapted to protect against the evolving threats. Many SMEs will struggle to capture and implement the requirements of the NIS 2 Directive due to their limited resources. A cyber insurance risk assessment in conjunction with a NIS 2 compliance assessment can help here.
