Specialist insurer Beazley has released its latest risk and resilience report, titled Spotlight on: Cyber & Technology Risks 2023.
The report highlights the shifting landscape of global business risks, specifically focusing on cyber and technology risks, including ransomware attacks and threats posed by artificial intelligence.
Despite the escalating economic impact of cybercrime, which is projected to reach US$10.5 trillion by 2025 (a 300% increase since 2015), boardroom attention towards cyber risk appears to be waning, according to Cybersecurity Ventures. The perceived threat of cyber risk among global business leaders peaked in 2021 at 34%. However, in the past two years, this perception has declined to 27%. The report also predicts that in 2024, the perception of cyber risk will remain at 27%, while business preparedness to address this risk continues to decline.
As concerns about cybercrime decrease, executives are increasingly apprehensive about the perceived risks associated with disruptive new technologies, such as AI. Failing to keep pace with technological advancements and adapt to innovation has become a significant concern for 26% of global business leaders. However, resilience to this threat is diminishing, with over one-fifth (21%) of businesses feeling unable to keep up with the rapid pace of change, Beazley said.
Furthermore, business leaders are now prioritising the risk of intellectual property (IP) theft, with 24% ranking it as their top concern in 2023, more than doubling the figure from 2021 (11%). Interestingly, IP theft is also the cyber and technology risk for which businesses feel least prepared, with 26% reporting inadequate measures to mitigate this risk.
While overall concerns about cybercrime may be declining, small and medium-sized enterprises (SMEs) are increasingly aware of their vulnerability to cyber risks. Beazley's data indicates that companies with annual revenues between US$250,000 and US$999,999 feel less prepared to tackle cyber risks in 2023 (76%) compared to the previous year (70%). The report highlights how cyber hacking groups have become more specialised and diversified, utilising SMEs' security systems as a training ground for new hackers.
Paul Bantick, group head of cyber risks at Beazley, expressed concern over business leaders' reduced focus on cyber risk.
“Business leaders are finding it a struggle to keep up with the constantly evolving cyber threat. But worryingly they appear less concerned by cyber risk than a couple of years ago,” Bantick said. “This could be because they have been lulled into a false sense of security as the war in Ukraine led to a temporary reduction in the ransomware threat level when a number of cyber gangs splintered, but this situation is only temporary and should not be viewed as the new normal.”
Bantick emphasised that cybercriminals continuously seek new ways to attack, employing tactics such as third-party supplier attacks, sophisticated social engineering, and phishing techniques. Therefore, businesses of all sizes and industries must remain vigilant and proactive in addressing cyber threats, he said.
The report also examined the growing prominence of AI and other technological innovations, as well as the increased concerns over IP theft, among global business leaders. These evolving threats pose unfamiliar challenges, catching many companies off guard, Beazley said.
To create a safer operating environment, the insurance industry must collaborate with clients to enhance their resilience to cyber and technology risks and advocate for the adoption of comprehensive risk mitigation strategies, the report found.
Have something to say about this story? Let us know in the comments below.
