PressNewsBusinessInsurance: When Bytes Bite

When Bytes Bite

Service & Contacts

Allianz Group Communications
Koeniginstr. 28
80802 Munich
Germany

Contact overview

Receive the latest Allianz news.

Newsletter

Follow Allianz in the social networks:

Facebook
Twitter
Google+
LinkedIn

  • Contact

  • Newsletter

  • Social Media

The recent WannaCry ransomware attack made a lot of companies wanna cry. As such attacks become more frequent and gain scale, cyber insurance promises to be the next blockbuster in the insurance industry...

Allianz SE
Munich, May 18, 2017

This week, WannaCry, a ransomware program, infected more than 230,000 computers in 150 countries. Hackers demanded payments in bitcoins to allow users to access their data.

The attack hit several large companies, including a major American parcel delivery company, a European car manufacturer and a Spanish telecom company. It disrupted the operations of Britain’s National Health Service and affected some operations of German rail network Deutsche Bahn, among others.

The incident again highlighted how vulnerable companies are to cyber risks – be it a technical glitch, a human error or a cyber attack – and the business interruption that usually follows.

Reuters reported that the total cost of resuming operations could run into billions of dollars for companies, with European and Asian companies particularly vulnerable. As such attacks become more frequent, companies are becoming aware of the need to protect themselves – not just from such attacks but also from the losses that they could bring.

This is why cyber insurance promises to be the next blockbuster in the insurance space, says Hartmut Mai, Chief Underwriting Officer for corporate lines at Allianz Global Corporate & Specialty (AGCS).

While cyber insurance is already a mature market in the United States with an estimated premiums volume of $3 billion, it is still an emerging segment in Europe and Asia.

The need for cyber coverage

Allianz-Hartmut-Mai

Hartmut Mai

Technology is a double-edged sword. On the one hand, it makes processes easier and less time-consuming; on the other, it opens companies up to new risks. Industrial companies are increasingly interlinking their equipment and processes – the so-called Internet of Things (IoT) – to improve their operations but this exposes them to the greater risk of business interruption in case of an attack or a glitch.

“The more the industry integrates supply chains and processes, and digitalizes production into ‘smart factories’, the more vulnerable the long-established industrial companies become as well. For them, the risk of business interruption tends to be paramount,” says Mai. The threat doesn’t always come from hackers. Many a times, it’s just a technical failure or an employee deliberately or accidentally introducing viruses or paralyzing computer systems.

When a crisis unfolds, compensation for financial loss is important, but the support services that often accompany cyber insurance are invaluable. Computer forensics, data and systems recovery as well as professional crisis communication can help a policyholder get back on its feet quickly. “Assistance services, which we provide ourselves or through our partners, are therefore becoming increasingly important,” says Mai.

The challenges

Of course, developing solutions for new risks comes with challenges. Given that cyber crime is a relatively new threat, the insurance industry needs to tread with caution in developing such products.

“We lack historical claims data because it involves an insurance product that is still relatively new in our portfolio. Also, companies shun publicity when they have been victims of a hacking attack because they are worried about their reputation. The duty to report incidents is developing in Europe only gradually,” Mai explains.

The portfolio management of cyber risks is also challenging and the accumulation risks are enormous. Through the digital networking of companies and supply chains, an incident at an individual company can quickly spread like wildfire, immobilizing entire industries.

Imagine the operations of an energy provider or a cloud services provider are disrupted due to a cyber attack. It will trigger numerous policies - not just cyber policies, but also other coverage if property damage and business interruption occur.

“At the moment, the accumulation risk is still manageable because not even 10 percent of companies in Europe have cyber insurance yet,” Mai points out.

However, just like director and officer (D&O) liability coverage, cyber insurance is expected to become the standard for European companies over the medium term. “Cyber insurance will be a blockbuster – and we must prepare ourselves for it. When the much stricter data protection regulations take effect in Europe in 2018, not just big corporations but also mid-market and smaller companies will want to buy cyber coverage,” Mai says.

Other Allianz subsidiaries such as Allianz Germany and Allianz Suisse have recently started offering dedicated cyber products for small and mid-sized companies. Allianz Germany, for example, offers cyber insurance for companies with an annual revenue up to 150 million euros. For ransomware attacks such as WannaCry, a customer also needs to buy cover for extortion incidents, which Allianz Germany offers as a special cover.

Data as a tool

According to Mai, insurers have to consider evaluating the technical standards and the information technology maturity of a company differently. “Individual risk dialogues and detailed IT and process audits that we usually do for large companies would be too complex for smaller and mid-sized companies,” he says.

“Going forward, we aim to increase our automated cyber risk analytic capability by cooperating with data analytics companies. They use IP address-based screening, linguistic algorithms and other comparable methods to evaluate the level of IT security of a company. Such cyber resilience ratings could especially help us offer cyber coverage to small and medium-sized businesses and retail clients through digital distribution platforms,” Mai adds.

C for cyber strategy

Given the frequency of cyber events in the recent past, there’s no denying that cyber security and related insurance will soon become an important part of corporate risk management strategies.

“In 2016, AGCS generated premiums in the mid-range double-digit millions with our cyber policies. Demand and policy transactions continued to increase significantly in the first quarter. No management board member or Chief Information Officer has any doubts about the danger anymore even if their IT security is state-of-the-art.” 

The market is gathering steam and we will likely see more modular cyber solutions that can be adapted individually to a particular company.

At the moment, AGCS limits its share of cyber coverage to 100 million euros per client as the market is still new and the risks are harder to assess. For individual companies, up to 500 million euros capacity is available in the cyber insurance market.

As a new ‘normal’ emerges, companies may not be able to completely avoid the bite of bytes. What they can do, is ensure that the pain is minimal.

  Forward Looking Statement disclaimer

As with all content published on this site, these statements are subject to our Forward Looking Statement disclaimer:

 

  Press contact

Heidi Polke
Allianz Global Corporate & Specialty
Phone: +49 89 3800 14303

Send email

  More at allianz.com

Poll Position

Allianz-Poll Position
Sep 21, 2017 | Allianz SE

Few can deny that Chancellor Angela Merkel has benefited from Germany’s recent economic prosperity. But as elections near, it’s important to remember that measures are still required to enhance the country’s growth potential…

More...

New Leadership at Allianz Deutschland and Allianz Italia

Allianz-New Leadership at Allianz Deutschland. Klaus-Peter Röhler named CEO
Sep 19, 2017 | Allianz SE

The Supervisory Board of Allianz Deutschland AG today named Dr. Klaus-Peter Röhler as Chairman of the Management Board (CEO) and successor to Dr. Manfred Knof, effective January 1, 2018. The Allianz Italia Board of Directors  decided to appoint Giacomo Campora, 50, as CEO of Allianz Italia as of January 1, 2018.

More...

'Allianz Multinational' bundles expertise for international Property & Casualty insurance solutions

Allianz-'Allianz Multinational' bundles expertise for international Property & Casualty insurance solutions
Sep 19, 2017 | Allianz SE

Under the name “Allianz Multinational,” Allianz is bundling its expertise for international insurance solutions from the property and casualty insurance sectors across the Group. Companies operating on a cross border basis – regardless of size – can access international insurance products tailored to their unique market and risk profiles through a central source. 

More...
More...