Munich Re’s 2020 Cyber Risk Report Sheds Light on Cyber Insurance Awareness Gap

The COVID-19 pandemic exacerbated the threat and likelihood of cyber security breaches for organizations, Munich Re's 2020 cyber risk report found. Despite the growing risk of cyber attacks, companies and organizations are still not utilizing cyber coverage to its fullest advantage.
By: | April 10, 2021
Topics: COVID-19 | Cyber | Future of Insurance | Risk Management

As vaccination rollout continues to expand, we can see some sort of end in sight to the COVID-19 pandemic and a reintroduction to normalcy.

But what we aren’t getting rid of any time soon is the surge of cyber security attacks that have taken place over the past year. What will likely remain is companies’ sheer vulnerability to a cyber attack.

Additionally, we’ve seen a dramatic shift to digitalization — and for good reason. Companies rely heavily on digitization to continue their day-to-day operations.

Munich Re released its Global Cyber Risk and Insurance Survey in early March, reporting on the significant digital and cyber trends that have skyrocketed since the beginning of the pandemic. The report also delves into the necessary insurance response to these cyber threats, a sector of insurance that is still not entirely recognized as legitimate.

The report shows both the opportunities and risks that a more digital workforce presents.

Of course, there are solutions to build and implement “cyber vaccines,” as Munich Re calls it. But, companies and organizations themselves are still not taking full advantage of the cyber insurance products and services that the industry has provided. In response, the industry needs to ensure that they can fill the remaining holes.

The Sweep of Digitalization and the Unknowns of Cyber Insurance

A main takeaway from Munich Re’s report is the idea of digitalization and its now ever-present capabilities, which include 5G, cloud storage and artificial intelligence.

“Increasing digitalization is affecting almost all areas of our lives,” said Martin Kreuzer, risk manager of cyber risks, Munich Re. “As a result, dependencies and risks are changing ever more dynamically and determining the loss scenarios.”

The report found that while everyone is excited about the move towards digitalization, 81% of respondents surveyed believe their company’s preparedness to a cyber attack is inadequate. But, despite the large majority of concern, only 34% of respondents have reached out to their insurance carrier to inquire about cyber protection.

Munich Re found that this hesitancy to tangibly find cyber coverage stems from respondents’ unawareness to what cyber insurance products and services actually exist.

Kreuzer said in addition to a lack of cyber insurance knowledge, many organizations have assumed the potential losses that come from cyber risk are covered in their conventional property or liability policies.

He believes that for organizations, especially ones small- to mid-sized, there needs to be more transparency about the actual cyber risk implications in order to gain a better understanding of cyber insurance capabilities.

The report concludes that because cyber insurance is still not recognized in as high priority as traditional coverage, the potential for cyber insurance products could be hindered.

The Risks that Dominated 2020 

While cyber risk can manifest itself through several avenues, Munich Re found three threats to be the most detrimental: data breaches, ransomware and business email compromises (BEC).

Martin Kreuzer, risk manager of cyber risks, Munich Re

Data breaches are not a new threat, but their reach posed a bigger threat in 2020. An increasing number of data breaches last year included financial, health care and children-related data being extorted. In turn, an average global data breach cost reached $3.86 million.

Ransomware is another threat that increased throughout 2020. Due to increased digitization, IT systems “converged with critical infrastructure and operational technology systems,” Munich Re reported. This makes a ransomware attack that much more debilitating should it occur. When they take place at hospitals or water treatment plants, they could threaten human life.

Additionally, ransomware attacks cost organizations an average of $283,000 — a certain 100% increase from 2019.

BEC scams have increased in the last year, as well, largely due to the difficulty in detecting and mitigating a BEC scam attempt when much of a workforce is remote. An organization could reportedly lose up to $80,000 in a BEC scam, which was an increase from the previous quarter.

The highlighted cyber threats definitively show that pre-COVID cyber risks are not only thriving but are becoming even riskier.

The Need for Cyber Insurance Is More Fervent than Ever

Cyber risk has become mainstream in recent years, accelerated thanks to the pandemic. Where does that leave cyber insurance?

The demand for cyber coverage is only going to grow, Munich Re’s report states. As small- and mid-sized businesses continue to be disproportionately affected by cyber attacks, the need for protection is going to increase.

An uptick in regulation on cyber attacks is also expected to drive demand for cyber insurance. Data protection laws have been passed and enacted globally, thus making the need of insurance against cyber crime vital.

But how can the industry mainstream coverage for a risk that ranks as mainstream itself?

Kreuzer refers back to one word: transparency.

“Transparency about the risk in the organization and about the coverage of the risk in the insurance policies is fundamental to active risk management,” he said.

And Kreuzer is hopeful that coverage for cyber risk is making its way on organizations’ priority list: “By offering a comprehensive and growing range of cyber services, insurance adds value that quickly becomes apparent to organizations when looking at risks in their entirety.”

Though in order to receive the best protection, it is imperative every organization find adequate cyber security coverage. In turn, your own organization’s protection will work towards a greater goal of developing a collaborative protection against cyber threats for all organizations.

We’re all collectively on a quest to reach one type of herd immunity from a coronavirus disease. Let’s add cyber herd immunity to the list. &

Emma Brenner is a staff writer with Risk & Insurance. She can be reached at [email protected].
Share
Tweet
Share

Trending Stories

7 Questions for RGA’s Carmony Wong

September 26, 2023

Navigating Global Travel Uncertainties: Business Travel Risk Insights from HUB’s Will Mule

April 23, 2024

Planck’s Leandro DalleMule Discusses the Ethics of AI in Insurance

April 1, 2024
Portrait of Michelle Kerr

3 Keys to Combat ‘Big Brother’ Fears with Safety Technology

February 27, 2024

More from Risk & Insurance

Two By Fours, Rivets and Artificial Intelligence. CLM’s Construction Claims Take

While AI has penetrated awareness in the larger culture, construction companies have been delving into it themselves in recent years including using it to optimize work schedules, to improve workplace safety, and to keep a close eye on construction sites.

In Conversation: Enlyte’s Legal and Regulatory Experts on Top Trends to Watch in 2024

From shifts in drug costs to state-based workers’ comp system restructuring efforts, these are the trends workers’ comp professionals need to make sure they’re paying attention to. 

Severe Thunderstorms Cause Record $60 Billion Insured Losses in 2023

Insured losses from severe thunderstorms hit a record $60 billion in 2023, contributing to the fourth consecutive year of losses exceeding $100 billion, according to Swiss Re Institute.

Legal Roundup: $3 Million Awarded in Tesla Discrimination Case, Pfizer/BioNTech COVID Vaccine Hit With Patent Suit and More

Pfizer/BioNTech was hit with a patent infringement suit by Arbutus Biopharma for its COVID vaccine.

Go to Homepage >