Cyber losses are driven by business interruption, recovery costs

The average cost of recovery and downtime following a ransomware attack has more than doubled during the past year.

“We often hear about high profile sophisticated attacks in the media, but as a whole, the majority of ransomware attacks are not targeted, nor are they technically sophisticated,” said Thomas Kang, North American head of cyber, tech and media at Allianz Global Corporate & Specialty(Credit: Bits and Splits/stock.adobe.com)

The biggest drivers of cyber losses are business interruption and restoration costs, according to Allianz Global Corporate & Specialty (AGCS), which reported that the two accounted for more than half of the value ($885 million) of nearly 3,000 insurance cyber claims.

The average total cost of recovery and downtime following a cyber incident more than doubled during the past year, growing from $761,106 to $1.85 million. Behind many of these claims are ransomware events, which continue to grow in severity and frequency. AGCS reported several factors are propelling these increases, including:

“The number of ransomware attacks may even increase before the situation gets better,” Scott Sayce, global head of cyber at AGCS, said in a release. “Not all attacks are targeted. Criminals also adopt a scattergun approach to exploit those businesses that aren’t addressing or understanding the vulnerabilities they may have. As insurers, we must continue to work with our clients to help businesses understand the need to strengthen their controls. At the same time, in today’s rapidly evolving cyber insurance market, providing emergency response services, as well as financial compensation, is now the standard.”

Cyber invasions grow globally

During the first half of 2021, the number of cyber intrusions increased 125% compared with the year prior, according to Accenture. Ransomware and extortion operations were major contributors to this.

These trends are reflected in AGCS’ claims data. For example, in 2016, the company saw around 80 cyber claims. During 2020, it handled more than 1,000. Dicing up the data more, the insurer reported ransomware-related claims increased 50% compared with 2019 levels.

“We often hear about high profile sophisticated attacks in the media, but as a whole, the majority of ransomware attacks are not targeted, nor are they technically sophisticated,” Thomas Kang, North American head of cyber, tech and media at AGCS, said in a release. “For the most part, cybercriminals are looking for the most vulnerable firms, focusing their efforts on where there is the best chance of receiving a payout for the least effort.”

Related: