Internal failures cause the most cyber claims

External attacks on companies result in the most expensive cyber insurance losses but it is employee mistakes and technical problems that are the most frequent cause of claims by number, according to a new report from Allianz Global Corporate & Specialty (AGCS).

The study – 'Managing the Impact of Increasing Interconnectivity: Trends in Cyber Risk' – analysed 1,736 cyber-related insurance claims worth £590m involving AGCS and other insurers from 2015 to 2020. It found that although external events such as DDoS attacks result in the most expensive cyber losses, it is internal incidents such as human error or systems failure that lead to a greater number of incidents.

Catharina Richter, global head of the Allianz Cyber Center of Competence, said: “Losses from incidents such as distributed denial of service (DDoS) attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today. But although cybercrime generates the headlines, everyday systems failures, IT outages and human error incidents can also cause problems for companies, even if their financial impact is not, on average as severe. Employers and employees must work together to raise awareness and increase cyber resilience.”

The number of cyber insurance claims AGCS has been notified of has steadily risen over the last few years, up from 77 in 2016 when cyber was a relatively new line of insurance, to 809 in 2019. In 2020, it has already seen 770 claims in the first three quarters, an increase it says has been driven in part by the growth of the global cyber insurance market which is currently estimated to be worth US$7bn according to Munich Re.

Losses resulting from external incidents, such as DDoS attacks or phishing and malware or ransomware campaigns, account for the majority of the value of claims analysed (85%) according to the report, followed by malicious internal actions (9%), which are infrequent but can prove costly. Accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems and software migration problems or loss of data account for over half of cyber claims by number (54%) but, often, the financial impact of these is limited compared with cybercrime. Business interruption is the main cost driver behind cyber losses, accounting for around 60% of the value of all claims analysed in the report, followed by costs involved with dealing with data breaches.

The report also warns that the cyber risk environment is not expected to become any easier in future. Businesses and insurers are facing a number of challenges such as the prospect of more expensive business interruptions, the rising frequency of ransomware incidents, more costly consequences of larger data breaches given more robust regulation and litigation, as well as the impact from the playing out of political differences in cyber space through state-sponsored attacks.

It also flags the rise in remote working due to the coronavirus pandemic as an issue. Displaced workforces create new opportunities for cyber criminals to gain access to networks and sensitive information. Malware and ransomware incidents are already reported to have increased by more than a third since the start of 2020, while coronavirus-themed online scams and phishing campaigns about the pandemic continue.

    Share Story:

Recent Stories


Are property insurers ready for timber
The Structural Timber Association is gearing up to help all stakeholders in the construction supply chain to fully appreciate the advantages of building in timber, how to deliver such projects and most importantly to understand and manage the risks.

The changing face of BC and WAR
The working environment has changed quite dramatically for many over the last six months. With social distancing and the rise of homeworking, it is not just how businesses operate that has changed, but also how they recover. In this podcast we discuss some of the challenges created by the quick shift to home working, why the office may not have seen its last days and how the current environment can impact the ability of a business to recover.