Don’t expect the threat of hacking to peter out in 2019. Cyberattacks have beat out terrorism, weapons of mass destruction, and extreme weather as the top concern for business leaders in North America, Europe and the Asia-Pacific Region, according to a new report from the World Economic Forum (WEF), done in partnership with Zurich Insurance Group and Marsh & McLennan Companies. Those concerns match up with the threats that cyber experts are finding having an impact on commercial clients and their insurance brokers today.
“Ransomware is still prolific in 2018. This is the leading cause of business interruption losses that generally the market sees,” said Sharif Gardner, cyber unit training manager at AXIS Capital. “The transportation sector has seen some large cases of business interruption when you start to look at, more recently, the crippling cyberattack on COSCO Shipping, so the transportation sector has started feeling that – not because they’re specifically targeted in any way more than anybody else. Most of these attacks start out indiscriminately, but it’s essentially that they’ve got very high volume in supply chains [and] high volume of logistic activity, so naturally that introduces a different area of risk.”
You only have to take a look at Facebook’s recent stumble to recognise that the problem of large data breaches that expose hundreds, if not thousands, of customers’ personal information isn’t going away anytime soon. Regulatory changes, such as those in Europe or Canada this year, have the potential to subsequently lead to heightened demand for cyber insurance, according to Gardner, though their effects on third party liability losses or a broader increased interest in the product are still to be determined.
Gone are the days, too, when an individual would receive mail in the post claiming they’d won a cruise. Instead, criminals are turning to instant messenger communication methods to carry out cyber-enabled scams. In fact, many data breaches don’t require malicious software to get into a system. What’s the easiest way to get someone to hand over 100,000 personal records? Ask a person for access, says Gardner.
“The tech wave is sweeping across organisations of multiple sectors. We’re far more reliant on cloud service providers, for example, and we’re far more active on platforms such as social media,” he explained, adding that we live in a world of oversharing where the entire perception of privacy has changed.
In this context, customers expect their brokers to professionalise their understanding of cyber risk, and are not only trusting that the cyber insurance product works, but are recognising that it’s actually now a vital part of risk management.
“The more people with the foundational knowledge, the more ideas that come into the market, [and] the more credible broking, the better the products that we can provide for all,” said Gardner.
In that vein, AXIS Capital offers a course now certified by the UK’s Government Communications Headquarters to both insureds and brokers via its Cyber Centre of Excellence, which is a global resource that provides mentorship, education, consulting services and solutions to help improve professionals’ understanding of cyber risk. The course examines the pillars of information security, the murky underworld of criminality, and what security professionals, as well as brokers and their clients, need to do to become better internet citizens, along with other key insights on cybersecurity and insurance.
“We live online, we work online, we shop online, and we play online – there isn’t one aspect of our lives that isn’t involved online,” said Gardner. “What we wanted to provide was a holistic landscape that we as insurers face, and certainly what organisations and individuals are challenged with, so what we do is we do deep dive into technology growth factors that are essentially shaping the cyber risk landscape that we live in today, and that affect all of us.”