Munich Re’s 2020 Cyber Risk Report Sheds Light on Cyber Insurance Inadequacy – About Your Online Magazine


The COVID-19 pandemic has exacerbated the threat and likelihood of cyber security breaches for organizations, the Munich Re 2020 cyber risk report found. Despite the growing risk of cyber attacks, its insurance coverage products and services are still failing to recover.

As the vaccine launch continues to expand, we can see some kind of end in sight for the COVID-19 pandemic and a reintroduction of normality.

But what we’re not going to get rid of anytime soon is the wave of cyber security attacks that took place last year. What is likely to remain is companies’ absolute vulnerability to a cyber attack.

In addition, we saw a dramatic shift in digitization – and for good reason. Companies rely heavily on digitization to continue their day-to-day operations.

Munich Re launched its Global Cyber ​​and Safe Risk Survey in early March, reporting the significant digital and cyber trends that have skyrocketed since the pandemic began. The report also investigates the necessary insurance response to these cyber threats, an insurance industry that is not yet fully recognized as legitimate.

The report shows the opportunities and risks that a more digital workforce presents.

Of course, there are solutions to build and implement “cyber vaccines”, as Munich Re calls them. But it does not offer complete protection for companies and organizations. In response, the industry needs to ensure that they can fill the remaining holes.

Scanning for Scanning and the unknowns of cyber insurance

A main lesson of the Munich Re report is the idea of ​​digitization and its ever-present features, which include 5G, cloud storage and artificial intelligence.

“The rise in digitization is affecting almost every area of ​​our lives,” said Martin Kreuzer, manager of cyber risks at Munich Re. “As a result, dependencies and risks are changing more and more dynamically and determining loss scenarios.”

The report found that while everyone is enthusiastic about the move towards digitization, 81% of respondents believe their company’s preparation for a cyber attack is inadequate. But despite the vast majority of concerns, only 34% of respondents contacted their insurance company to ask about cyber protection.

Munich Re found that this hesitation in finding cyber coverage in a tangible way stems from respondents’ lack of knowledge about what cyber insurance products and services actually exist.

Kreuzer said that in addition to the lack of knowledge about cyber insurance, many organizations have assumed that potential losses from cyber risk are covered in their conventional ownership or liability policies.

He believes that for organizations, especially small to medium-sized ones, there needs to be more transparency about the real implications of cyber risk to gain a better understanding of cyber insurance features.

The report concludes that, as cyber insurance is not yet recognized as a priority as traditional coverage, the potential of cyber insurance products may be undermined.

The risks that dominated 2020

Although cyber risk can manifest itself in several ways, Munich Re has found that three threats are the most harmful: data breaches, ransomware and business email appointments (BEC).

Martin Kreuzer, Cyber ​​Risk Manager, Munich Re

Data breaches are not a new threat, but their reach posed a greater threat in 2020. An increasing number of data breaches in the past year have included financial, health and child-related data being extorted. In turn, the average global cost of data breach reached US $ 3.86 million.

Ransomware is another threat that has increased over the course of 2020. Due to increased digitization, IT systems “have converged with critical infrastructure and operating technology systems,” reported Munich Re. This makes a ransomware attack much more debilitating if it occurs. When they happen in hospitals or water treatment plants, they can threaten human life.

In addition, ransomware attacks cost organizations an average of $ 283,000 – a 100% increase over 2019.

BEC scams have also increased in the past year, largely due to the difficulty in detecting and mitigating an attempted BEC coup when much of the workforce is remote. An organization can lose up to $ 80,000 in a BEC scam, which represents an increase over the previous quarter.

The highlighted cyber threats definitely show that pre-COVID cyber risks are not only on the rise, but are becoming even more risky.

The need for cyber insurance is more fervent than ever

Cyber ​​risk has become prevalent in recent years, accelerated thanks to the pandemic. Where is cyber insurance?

Demand for cyber coverage will only grow, says the Munich Re report. As small and medium-sized businesses continue to be disproportionately affected by cyber attacks, the need for protection will increase.

An increase in regulation on cyber attacks is also expected to boost demand for cyber insurance. Data protection laws have been passed and enacted globally, making the need for insurance against cyber crimes vital.

But how can the sector integrate the coverage of a risk that is classified as mainstream?

Kreuzer refers to one word: transparency.

“Transparency about risk in the organization and about risk coverage in insurance policies is essential for active risk management,” he said.

And Kreuzer hopes that coverage for cyber risks is making it on the list of organizations’ priorities: “By offering a comprehensive and growing range of cyber services, insurance adds value that quickly becomes apparent to organizations when they analyze the risks in their organization. wholeness. ”

However, in order to receive the best protection, it is critical that all organizations find adequate cybersecurity coverage. In turn, protecting your own organization will work towards a greater goal of developing collaborative protection against cyber threats for all organizations.

We are all together on a mission to achieve a kind of collective immunity against coronavirus disease. Let’s add cyber herd immunity to the list. AND

Emma Brenner is a writer for Risk & Insurance. She can be contacted at [email protected]



Paula Fonseca