Cybersecurity shot up to the #1 spot as the top peril for companies globally this year, from #2 last year and as low as #15 seven years ago, according to financial services firm Allianz.
Cyber incidents – defined as cyber-crime, IT failure/outage, data breaches, fines and penalties in the Allianz Risk Barometer for 2020 – rank as the top risk for companies globally in the Allianz Risk Barometer for the first time after receiving 39% of responses from more than 2,700 risk management experts in over 100 geographies.
“Business interruption,” a category of risk that includes halts to business from riots, civil unrest, terrorism, natural disasters, fires and other factors, fell to the #2 spot after seven years at the top.
Ransomware and BEC as key drivers of cyber risk
“Awareness of the cyber threat has grown rapidly in recent years, driven by companies’ increasing reliance on their data and IT systems and a number of high-profile incidents,” according to the report.
The insurance giant cites an increase in ransomware and business email compromise (BEC) as key drivers behind cyber’s recent ascension, but also takes into account the prospect of litigation after an event (i.e. GDPR fines).
Tensions between nation states are also playing out in cyber space, further fueling risk. Even mergers and acquisitions (M&A) are seen as risky from a cybersecurity standpoint, as evidenced by the Marriot mega breach in 2018.
As predicted by experts at the end of 2019, ransomware incidents are inflicting greater damage, with bad actors increasingly targeting large companies with sophisticated attacks and hefty extortion demands.
Allianz warns industrial and manufacturing firms to stay alert as cybercriminals increasingly target these verticals. However, law firms stand to lose the most from a cyber incident, according to the research, along with consultants and architects, for which IT systems and data are “their life blood.”
Data breaches are the main cause of cyber incidents
As companies collect and use ever greater volumes of data, breaches are becoming larger and costlier, the report notes.
A mega breach – exposing millions of user records – now costs $42 million on average (up 8% year-on-year). Breaches that compromise more than 50 million records cost $388 million on average – up 11%.
Allianz observes that data protection and privacy regulation, and subsequent penalties, are widening in scope and geographical reach, and expects the GDPR alone to bring a considerable wave of fines in 2020.