Categories
News & Blogs

The Rising Cost of Cyber

The Rising Cost of Cyber

12 August 2022

Only 43% of UK businesses have an insurance policy in place that protects them against cyber risks – shockingly only a tiny fraction (5%) of these have specific cyber policies catered to their needs.


The modern risks businesses need to protect against now, such as cyber, wouldn’t even have been considered by most businesses 20 years ago, yet over the last few years the products available have become quite sophisticated and more of our clients now consider this a vital part of their insurance programme. Cyber packages now can include threat warning intelligence, forensics, post-breach communications and data recovery.

The lockdown in March 2020 in response to the Covid-19 pandemic challenged businesses with the need for their office staff to work from home, but it also brought new opportunities for cyber criminals.  The Cyber Security Breaches Survey is an influential research study for UK cyber resilience, their report details 39% of businesses suffering a cyber attack in 2021. More than half or those believed their exposure was heightened due to home working arrangements.

Ransomware and phishing attacks also increased during the pandemic with cyber criminals using this as a hook, and attacks are still on the rise. Ransomware was ranked as the top cyber exposure of concern in 2022 in the Allianz Risk Barometer. And just when we thought we were through the pandemic, Russia’s attack on Ukraine brought additional cyber concerns.

Cyber incidents can have a devastating impact on businesses, and few have the in-house resources to deal with an attack or breach. The disruption to day-to-day operations can be catastrophic, when combined with financial loss, reputational damage and fines some businesses may not even survive an attack.

But the insurance market is responding with more sophisticated offerings not only to protect businesses, but to deploy the resources required to get them back to business as usual too. As the cyber landscape continually evolves, so does the insurance offering. However, cyber insurers are seeing more claims as the number of incidents rise, along with the take-up of cyber insurance and this is having an impact on both premiums and availability. The recent surge in ransomware claims has driven up cyber insurance pricing by up to 92%.

Insurers are now more cautious about the risks they take – if your cyber security is poor and you are at a greater risk of attack, you may find it financially prohibitive to obtain cyber cover, or you may not find an insurer willing to take your risk. Insurers need to be assured that you are taking appropriate steps to protect yourself against cyber threats with Virtual Private Network (VPN) and multi-factor authentication (MFA) now a standard requirement.

To chat about how Cyber Insurance can help your business, contact Charlotte Perkins at [email protected], 0115 942 0111 or connect with Charlotte on LinkedIn

Categories
News & Blogs

Insuring the Intangible

Insuring the Intangible

4 August 2022

 

For over 100 years we have insured material assets such as cargo and property but as the world changes, so do the risks and insurance has evolved as much as the world we live in.

When Harold Wilson insured chemist Jesse Boot’s first Rolls Royce, car insurance was pretty cutting edge – little did he know we’d still be at the forefront of emerging risks a century later.

We work with many corporate clients and even social influencers where their brand, intellectual property and data is far more valuable to them than tangible assets. No longer do companies measure their value purely in tangible assets, such as property, equipment and stock.

For some businesses the value of their intangible assets such as brand, reputation, intellectual property and data has overtaken the value of their physical assets. Certain reports show intangible assets accounting for 90% of portfolios amongst Standard & Poor’s 500 companies, compared to just 17% in 1975.

The digital revolution is a major factor in this shift, especially over the last two years as so many businesses moved their operations online during the pandemic. This may well have been part of their future plans, but the necessity of lockdown accelerated this move. Not only were these businesses able to respond to the needs of their UK customers during lockdown and expand their existing customer base, but it provided the opportunity to expand their businesses internationally.

However, moving a business online and the necessity of home working not only brought opportunity, but increased threat due to network vulnerabilities and the rise in cyber attacks, ransomware and phishing attempts. Many businesses that moved swiftly to take their businesses online simply didn’t have the technical skills or time to access the specialist support required to minimise their vulnerabilities or have the specific cyber cover to respond should they suffer a breach. These risks included the threat to their intangible assets such as reputation and brand.

Some businesses that have historically operated on a traditional business model may not even consider the value of their intangible assets such as brand, intellectual property and data – and in that case they certainly won’t have estimated the cost of replacing or redeveloping these assets.

Even for businesses that acknowledge these intangible assets, establishing their actual value can be a challenge too. If a business has bought an asset it’s simple, but something that’s been built and developed by your business over time is very different – and that value will change over time too.

As a broker we have experience of helping businesses review their insurance programme to ensure they have in place the insurance solutions that work for their unique business, which may have changes significantly over the last few years. We not only guide them through the design of their insurance programme to identify their tangible risks, but the intangible too such as protection against associated legal costs, loss of brand equity and the theft of intellectual property. And then we explain it all to you in plain English, so you know exactly what’s covered.

If you haven’t arranged a review of your insurance programme, now is the time. Contact Charlotte Perkins at [email protected], 0115 942 0111 or connect with Charlotte on LinkedIn

Categories
News & Blogs

Global Risks – The Digital Pandemic

Allianz Risk Barometer, the annual corporate risk survey conducted among Allianz customers, brokers and industry trade organisations incorporates the views of 2,650 respondents from the UK and across the globe.


The Top 3 UK Concerns

The 2022 report highlighting the most important business risks for the next 12 months and beyond, established that Cyber was the new top concern for businesses in the UK and across the globe, with over 50% of UK respondents stating this as their most concerning risk.

Understandably, Covid-19 continues to cast its shadow particularly as the cyber risk is heightened by companies’ growing reliance on technology and the shift to remote and flexible working. This only increases the risks businesses face, in addition to the usual ransomware and other cyber-attacks that continue to disrupt businesses.

Business Interruption (BI) has dropped from the top spot to second place in the rankings this year, despite a year of unprecedented global supply chain disruption – only the third time in the 11-year history of the Allianz Risk Barometer that it is not ranked top. However, Despite the ongoing repercussions of Covid-19, the most feared cause of BI in this year’s survey is cyber!

Surprisingly Climate Change was the third ranking concern for respondents in the UK and received its highest ever ranking of 6th on the global rankings.

Cyber

The top cyber exposure of concern was Ransomware, just ahead of data breaches. Ransomware remains big business for cyber criminals, with the commercialisation of cyber crime making it easier for criminals to exploit vulnerabilities on a massive scale. Now those criminals with very little technical knowledge can carry out ransomware attacks for as little as a $40 per month subscription, using cryptocurrency to help evade detection.

Another change in the way these criminals operate is the use of ‘double extortion’ tactics, combining the initial encryption of data with a threat to release sensitive or personal data. Encryption or deletion of backups, making restoration and recovery more difficult or even impossible is another disturbing and growing trend. This is only overshadowed by the recent alarming incidents where attackers harass employees to gain access to systems, as well as going directly to company senior executives to demand ransoms.

Cyber claims increased significantly over the past few years and remain at elevated levels, both in terms of claim numbers and claim payments. Ransomware tops the claims list too, with the number of claims received in the first half of 2021 higher than the total number for the whole of 2019. Extortion demands have more than doubled and BI losses have escalated as larger businesses and their supply chains are targeted.

It is important to remember that the rise in claims will be impacted by the number of businesses that now have cyber insurance, which has also risen significantly as businesses acknowledge their increased vulnerability – remote working, disruption to digital supply chains and cloud platforms ranked third and fourth as cyber risks of concern.

For those businesses that have yet to include Cyber Insurance as part of their programme, the cyber risk landscape has changed and insurer focus has turned to effective cyber risk management. Each proposal form is now assessed with insurers looking for proactive technology controls such as endpoint protection and multi-factor authentication in addition to regular backups, training, business continuity and crisis response plans. Cyber Insurance is now seen as part of a holistic approach to building cyber security resilience, combining with technology, training, monitoring and response testing. If cyber insurance is to be sustainable, this is the way forward.

No alt text provided for this image

Business Interruption

Business interruption ranks as the second most concerning risk, not just in the UK but globally, which comes as no surprise following a year of unprecedented global supply chain disruption following a pandemic and an increase in cyber-attacks.

Whether it’s a cyber-attack, a flood or fire affecting a critical business location or supplier, business interruption events can have a very costly and lengthy impact extending well beyond the organisation to suffer the incident and impact the entire supply chain. It may not be your organisation that’s directly impacted, but it may prevent you from being able to produce your products or deliver your services.

There are multiple triggers for BI and in recent years cyber and pandemic have risen to the fore – as mentioned previously the most feared cause of BI this year is cyber. However, it would be foolish to underestimate traditional causes of businesses interruption such as fire or flood. There’s little you can do to mitigate the risk of supply chain disruption, but like cyber you can manage some of the risk of traditional BI triggers and put in place prevention measures and resilience plans.

No alt text provided for this image

Climate Change

It was surprising to see climate change leap up the rankings to third place for the UK, climbing to 6th in the global rankings. However, this has been a recurring news item over the last year or so and the increasing pressure on businesses to act on climate change has increased noticeably.

In the UK there is a growing focus on net-zero and the government landmark Net Zero Strategy launched in October 2021, at the time the Allianz Risk Barometer survey was conducted, which may have had an impact on the ranking as it was at the forefront of respondent’s minds. The Net Zero Strategy sets out the policies and proposals for decarbonising all sectors of the UK economy to meet our net zero target by 2050. The devolved administrations also committed to the Net Zero target as recommended by the Climate Change Committee.

The risks to businesses from climate change are also having an impact on Business Interruption, particularly in relation to damage and closures following extreme weather events. We have seen multiple ‘danger to life’ warnings issued for flooding in February across the Midlands, with devastation to businesses that had barely recovered from previous floods. This also has an impact on brand and reputation, alongside supply chain issues, that can have a long term impact even when the flooding has subsides and the business reopens.

No alt text provided for this image

So, what can you do?

The Allianz Risk Barometer has highlighted the current issues keeping business owners awake at night, both in the UK and across the globe. But the old saying ‘only worry about things you can control’ springs to mind – you can’t stop cyber attacks, container ships blocking the Suez Canal or flooding, but you can manage the risk to your business and put in place the insurance cover to protect you should the worst happen.

Identify the biggest risks to your own business, determine what you can control and create a plan to implement any changes you need to make to improve your resilience. If it’s within your control, tackle it, if not then insure against it.