Internal failures cause the most cyber claims

External attacks on companies result in the most expensive cyber insurance losses but it is employee mistakes and technical problems that are the most frequent cause of claims by number, according to a new report from Allianz Global Corporate & Specialty (AGCS).

The study – 'Managing the Impact of Increasing Interconnectivity: Trends in Cyber Risk' – analysed 1,736 cyber-related insurance claims worth £590m involving AGCS and other insurers from 2015 to 2020. It found that although external events such as DDoS attacks result in the most expensive cyber losses, it is internal incidents such as human error or systems failure that lead to a greater number of incidents.

Catharina Richter, global head of the Allianz Cyber Center of Competence, said: “Losses from incidents such as distributed denial of service (DDoS) attacks or phishing and ransomware campaigns account for a significant majority of the value of cyber claims today. But although cybercrime generates the headlines, everyday systems failures, IT outages and human error incidents can also cause problems for companies, even if their financial impact is not, on average as severe. Employers and employees must work together to raise awareness and increase cyber resilience.”

The number of cyber insurance claims AGCS has been notified of has steadily risen over the last few years, up from 77 in 2016 when cyber was a relatively new line of insurance, to 809 in 2019. In 2020, it has already seen 770 claims in the first three quarters, an increase it says has been driven in part by the growth of the global cyber insurance market which is currently estimated to be worth US$7bn according to Munich Re.

Losses resulting from external incidents, such as DDoS attacks or phishing and malware or ransomware campaigns, account for the majority of the value of claims analysed (85%) according to the report, followed by malicious internal actions (9%), which are infrequent but can prove costly. Accidental internal incidents, such as employee errors while undertaking daily responsibilities, IT or platform outages, systems and software migration problems or loss of data account for over half of cyber claims by number (54%) but, often, the financial impact of these is limited compared with cybercrime. Business interruption is the main cost driver behind cyber losses, accounting for around 60% of the value of all claims analysed in the report, followed by costs involved with dealing with data breaches.

The report also warns that the cyber risk environment is not expected to become any easier in future. Businesses and insurers are facing a number of challenges such as the prospect of more expensive business interruptions, the rising frequency of ransomware incidents, more costly consequences of larger data breaches given more robust regulation and litigation, as well as the impact from the playing out of political differences in cyber space through state-sponsored attacks.

It also flags the rise in remote working due to the coronavirus pandemic as an issue. Displaced workforces create new opportunities for cyber criminals to gain access to networks and sensitive information. Malware and ransomware incidents are already reported to have increased by more than a third since the start of 2020, while coronavirus-themed online scams and phishing campaigns about the pandemic continue.

    Share Story:

Recent Stories


Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks. Published June 2021

Manufacturing: An industry at risk amid great technological change
Of the many sectors of business, manufacturing companies are among the most at risk from cyber threats. How has the sector evolved to make it so vulnerable and what does the task of managing cyber exposure in a manufacturing company look like? CIR’s latest podcast with Tokio Marine HCC sought to answer all these questions and more. Published April 2021

Advertisement