Cyber tops pandemic and broken supply chains as biggest global business risk

Cyber perils are the biggest concern for companies globally in 2022, according to the Allianz Risk Barometer. The threat of ransomware attacks, data breaches or major IT outages worries companies even more than business and supply chain disruption, natural disasters or the Covid-19 pandemic, all of which have had a huge impact on organisations during the past year.

The risk of cyber incidents tops the Allianz Risk Barometer for only the second time in the survey’s 11-year history with 44% of respondents stating it as their biggest worry. Business interruption drops to a close second (42%) and natural catastrophes ranks third (25%), up from sixth in 2021. Climate change climbs to its highest-ever ranking of sixth (17%, up from ninth), while the threat from pandemic outbreak drops to fourth (22%).

The annual survey from Allianz Global Corporate & Specialty (AGCS) gathered the views of 2,650 experts in 89 countries and territories, including CEOs, risk managers, brokers and insurance experts.

In the UK, cyber ranked number one, mirroring the global result, with a growing percentage of respondents identifying this as the primary peril for the year (50%, up from 42% in 2021). Business interruption once again ranked in the top three for the UK, this year taking second place (34%) up from third last year. In the wake of COP26, climate change was the biggest increase for the UK, moving to third in the rankings from sixth last year (31% up from just 17% in 2021).

Joachim Mueller, AGCS CEO, said: “For most companies the biggest fear is not being able to produce their products or deliver their services. 2021 saw unprecedented levels of disruption, caused by various triggers. Crippling cyber-attacks, the supply chain impact from many climate change-related weather events, as well as pandemic-related manufacturing problems and transport bottlenecks wreaked havoc. This year only promises a gradual easing of the situation, although further Covid-19-related problems cannot be ruled out. Building resilience against the many causes of business interruption is increasingly becoming a competitive advantage for companies.”

The cyber threat figures as a top three peril in most of the countries surveyed, with a key driver being the recent surge in ransomware incidents. Recent attacks have shown new emerging threats such as ‘double extortion’ tactics combining the encryption of systems with data breaches, exploiting software vulnerabilities which potentially affect thousands of companies (for example, Log4J or Kaseya) or targeting physical critical infrastructure.

Scott Sayce, global head of cyber at AGCS, said: “Ransomware has become a big business for cyber criminals, who are refining their tactics, lowering the barriers to entry for as little as a $40 subscription and little technological knowledge. The commercialization of cyber crime makes it easier to exploit vulnerabilities on a massive scale. We will see more attacks against technology supply chains and critical infrastructure.”

With supply chain, climate change, and pandemic-related risks featuring high in the report, there is also growing concern over the shortage of skilled workers which, flagged by 13% of respondents, is a new entry in the top 10 risks. Respondents rank this as a top five risk in the engineering, construction, real estate, public service and healthcare sectors, and as the top risk for transportation.

Changes in legislation and regulation remains fifth (19%). Prominent regulatory initiatives on companies’ radars in 2022 include anti-competitive practices targeting big tech, as well as sustainability initiatives with the EU taxonomy scheme.

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.