Read the last of the three series of articles on Cyber risks.
There is a 'disproportionately high' mismatch between cyber risk awareness and implementation of protection measures given the increasing frequency and severity of attacks according to Munich Re.
A new report, Munich Re Global Cyber Risk and Insurance Survey 2022, warns that lack of human resources and skilled personnel, poor integration and interoperability of security solutions and insufficient collaboration between individual departments, are among the main challenges for companies looking to improve cyber security.
The new survey, which included more than 7,000 participants from 14 countries across all industries and company sizes revealed that although cyber risk awareness among managers has risen by nearly 10% since 2021, 83% of surveyed representatives said that their own company is still not adequately protected against digital threats.
This is despite 38% of C-level respondents admitting that they are ‘extremely concerned’ about a potential attack, up from 30% last year. More than 70% of companies surveyed have now been affected by ransomware or a data breach, up from 53%.
On a more positive note, 43% of executives said that they had been offered cyber insurance, up from 34% in 2021, and 35% are now considering coverage for their company.
“Supply and demand for cyber insurance have increased slightly, but most respondents are still not adequately protected or even prepared,” according to the report.
Munich Re estimates that the global value of cyber premiums was $9.2bn at the start of this year and expects this to reach approximately $22bn by 2025.
A lack of historical data and non-existent or inconsistent legal obligations related to reporting ransomware or cyber business interruption events are also making it difficult for insurers when pricing cyber risks.
The report said, “The insurance industry finds itself able to collect and analyse more and more information from covered losses. Insurers and Munich Re are in a uniquely privileged position to collect proprietary information from risk owners. Cyber insurance, together with other stakeholders, can leverage this data to reshape cyber risk assessment and better explain the modelling of cyber risks to its insured.”