The COVID-19 pandemic exacerbated the threat and likelihood of cyber security breaches for organizations, Munich Re’s 2020 cyber risk report found. Despite the growing risk of cyber attacks, its insurance coverage products and services are still failing to catch up.
As vaccination rollout continues to expand, we can see some sort of end in sight to the COVID-19 pandemic and a reintroduction to normalcy.
But what we aren’t getting rid of any time soon is the surge of cyber security attacks that have taken place over the past year. What will likely remain is companies’ sheer vulnerability to a cyber attack.
Additionally, we’ve seen a dramatic shift to digitalization — and for good reason. Companies rely heavily on digitization to continue their day-to-day operations.
Munich Re released its Global Cyber Risk and Insurance Survey in early March, reporting on the significant digital and cyber trends that have skyrocketed since the beginning of the pandemic. The report also delves into the necessary insurance response to these cyber threats, a sector of insurance that is still not entirely recognized as legitimate.
The report shows both the opportunities and risks that a more digital workforce presents.
Of course, there are solutions to build and implement “cyber vaccines,” as Munich Re calls it. But it doesn’t provide a full protection for companies and organizations. In response, the industry needs to ensure that they can fill the remaining holes.
The Sweep of Digitalization and the Unknowns of Cyber Insurance
A main takeaway from Munich Re’s report is the idea of digitalization and its now ever-present capabilities, which include 5G, cloud storage and artificial intelligence.
“Increasing digitalization is affecting almost all areas of our lives,” said Martin Kreuzer, risk manager of cyber risks, Munich Re. “As a result, dependencies and risks are changing ever more dynamically and determining the loss scenarios.”
The report found that while everyone is excited about the move towards digitalization, 81% of respondents surveyed believe their company’s preparedness to a cyber attack is inadequate. But, despite the large majority of concern, only 34% of respondents have reached out to their insurance carrier to inquire about cyber protection.
Munich Re found that this hesitancy to tangibly find cyber coverage stems from respondents’ unawareness to what cyber insurance products and services actually exist.
Kreuzer said in addition to a lack of cyber insurance knowledge, many organizations have assumed the potential losses that come from cyber risk are covered in their conventional property or liability policies.
He believes that for organizations, especially ones small- to mid-sized, there needs to be more transparency about the actual cyber risk implications in order to gain a better understanding of cyber insurance capabilities.
The report concludes that because cyber insurance is still not recognized in as high priority as traditional coverage, the potential for cyber insurance products could be hindered.
The Risks that Dominated 2020
While cyber risk can manifest itself through several avenues, Munich Re found three threats to be the most detrimental: data breaches, ransomware and business email compromises (BEC).
Data breaches are not a new threat, but their reach posed a bigger threat in 2020. An increasing number of data breaches last year included financial, health care and children-related data being extorted. In turn, an average global data breach cost reached $3.86 million.
Ransomware is another threat that increased throughout 2020. Due to increased digitization, IT systems “converged with critical infrastructure and operational…