Blog: Cyber Correlation Risk Requires Greater Focus as global business Digitalisation Continues

Prashant Pai, Vice President, Cyber Offerings at Verisk recently took part in a virtual roundtable hosted by the Insurance Insider which examined the impact of COVID on Cyber business Interruption insurance. The discussion, involving insurers, reinsurers and brokers, highlighted key challenges that have emerged with the growing digitalisation of global business both currently and post pandemic.

The way in which COVID-19 has forced businesses to change will have profound effects on firms and their insurers.

A move to remote working has come with increased cyber threats. Systems now accessed by staff, often using their own equipment, has brought new exposures. When the world emerges from the forced distancing it is likely that firms will look at greater use of remote and flexible working and, as such, create challenges for them and their cyber risk management functions.

One of the most notable trends to emerge from the business response to COVID has been the use of virtual meeting systems, such as Zoom, Microsoft Teams and Google, and Google Classroom in the education system.

This presents a specific threat with a concentration and correlation of risk in a handful of dominant suppliers. It is a risk that Verisk has already factored into our cyber models to provide underwriters and brokers with a greater ability to understand the evolving exposures they face.

From the underwriters’ point of view, the demand for cyber cover has increased significantly but it has not been matched by an increase in capacity and, as a result, pricing continues to harden. Primary markets have noticed business clients which are not of a size to have full-time cyber security teams are now seeking greater help from underwriters around training and cyber risk mitigation.There is a growing view that re/insurers need to direct greater levels of spending toward proactive risk management support for clients rather than to the post breach or incident response.

The expectation is that the use of social engineering by hackers and the increase in the level of attacks which have been prompted by the pandemic will continue. It is likely that underwriters will see claims increase in the second half of the year and into 2021 as firms return to more normal working practices and successful cyber-attacks are identified in areas such as bogus payments and orders.

Companies across the re/insurance industry will need to use the available sophisticated exposure management tools to ensure they fully understand the concentration and correlation of risks around any future systemic cyber threats.