Businesses in Europe, the Middle East, and Africa (EMEA) are spending four times more of their budget on insurance for property, plant and equipment (PP&E) than they are covering cyber exposure.
That is according to a report released today by Aon in collaboration with the Ponemon Institute, which reveals 60% of total physical asset values are protected, compared with 15% of potential information losses.
This is despite 38% of EMEA firms suffering a cyber loss in the last 24 months, with an average of $3.3m (£2.5m) lost each time, and the potential business disruption from information asset losses 50% greater than PP&E damage.
“Most organisations spend much more on fire insurance premiums than on cyber insurance, despite stating in their publicly disclosed documents that a majority of the organisation’s value is attributed to intangible assets,” Aon global cyber insurance solutions COO, Vanessa Leemans, said.
“With 65% of EMEA organisations expecting their cyber risk exposure to increase over the next two years, cyber risk needs to be approached at an enterprise-wide level in order to achieve cyber resilience.”
The research involved a survey of over 500 individuals in the EMEA, 35% of which were in finance, treasury and accounting, 25% in risk management, 17% in corporate compliance and audit, while 9% were in general management.
It was also found that just 30% of businesses are “fully aware” of the legal and economic consequences of incoming EU General Data Protection Regulation (GDPW).
This comes into force on 25 May 2018, with failure to comply potentially resulting in fines of up to €20m or 4% of an organisation’s global turnover – whichever is higher.
The findings follow NTT Security forecasts that European financial institutions will face fines totaling €4.7bn in the first three years under GDPR, with 384 data breaches expected by 2021.
In addition, these predictions are thought to be conservative, excluding compensation claims, costs associated with lost customers, damaged reputations, and senior executive resignations.
“History tells us that companies that have dealt with data breaches poorly have seen loss of customers, reduced earnings and board level resignations,” AllClear ID CEO, Bo Holland said. “GDPR raises the stakes even higher.”
An increasing reliance on data and IT systems has seen cyber incidents shoot to the top of the most pressing risks facing businesses worldwide, research by Allianz has uncovered.
17 January 2020
The majority of risk managers worldwide cannot adequately assess the threats posed by new technologies, research by Accenture has found.
10 December 2019
Financial institutions will save $7bn (£5.43bn) by 2024 thanks to blockchain technology and the automation of customer checks, a market research firm has predicted.
05 November 2019
Why InsurTech? A Pressured Insurance Value Chain
By Andrew Sagon, Andrew Johnston and Matthew Wong
InsurTech is a burgeoning phenomenon that is modernising the insurance industry. It is disrupting the traditional value chain whereby insurers offer loss protection, and shifting the emphasis to risk mitigation. Incumbents face disintermediation as investors in search of higher yields pour money into insurance-linked instruments in the capital markets. And entrepreneurial businesses are targeting friction costs and inefficiencies within every aspect of the traditional value chain.
Nimbleness and agility will unlock potential
By Elinor Friedman, Andrew Harley and Klayton Southwood
Recent Willis Towers Watson surveys in the U.S. have shown that P&C and life insurers in developed markets are taking seriously the potential of big data and predictive analytics to improve their businesses. Nimbleness and agility, rather than brute force, are likely to be key to realizing that potential.
Driven by technology, toolkits and talent
By Claudine Modlin and Graham Wright
Advanced analytics is helping some insurers offer innovative products and solutions. What do insurers need to know about the changing nature of analytics and whether it is worth the investment? Claudine Modlin and Graham Wright discuss technology, toolkits and talent — topics that may help you decide.
Risk transfer is part of a comprehensive solution
By Adeola Adele, Patrick Kulesa, Kevin Madigan and Alice Underwood
Given the dynamic nature of cyber-risk, taking a multidimensional approach that integrates board governance, technology solutions, behavioral change and risk transfer solutions can help reduce risk to a manageable level.