The occurrence of cyber incidents is the top global risk in the Allianz Risk Barometer, which was released this week by the German giant’s Allianz Commercial arm. Cyber topping the risks chart highlights the threats from a range of areas for investment teams at insurers, from back-office automation to investing in technology or emerging markets, that could be targeted by criminals or those seeking to cause unrest.
Cyber topped the risk chart for the first time by a clear margin with 36% of responses, five percentage points ahead of the next item on the list.
Allianz said in its statement on the results that cyber ranks as the risk of most concern in the Americas, Africa and Middle East, Asia Pacific, and Europe regions, and across all company sizes, which the report split into three sections - large companies of over US$500 million annual revenue, mid-size - between $100 million + to $500 million, and smaller - under $100 million, for the first time.
“Cyber is the cause of business interruption that companies fear the most, while cyber security resilience is their most concerning ESG risk issue,” said the report.
It specified that cyber threats were constantly evolving as criminals had new technology to work with, partially thanks to the rapid rise of artificial intelligence (AI) over the past two years. “Hackers are beginning to work with AI-powered language models to increase the speed and scope of ransomware attacks, as well as create new malware and produce phishing emails and deep fakes,” it said.
“Businesses and the wider economy are now reliant on digital services and
infrastructure for both critical and everyday activities."
The latter was a key feature of the World Economic Forum’s (WEF) Global Risk Insight 2024 report that was launched last week. In it, WEF said cyber was a key concern in both the long and short term.
Caroline Klint, Chief Commercial Officer at Marsh McLennan, specified the effects that AI could have on democracy and political stability as key concerns. Klint highlighted cyber-attacks on infrastructure – which proved effective in conflicts such as the Ukraine/Russia war – and deep fake videos, which were used in the recent Taiwan elections.
“Businesses and the wider economy are now reliant on digital services and infrastructure for both critical and everyday activities,” said Michael Bruch, Global Head of Risk Advisory Services at Allianz, in the report.
In the report, data breaches were listed as the most pressing exposure around cyber, followed by cyber-attacks on critical infrastructure and physical assets and an increase in ransomware attacks.
“In the context of turbulent geopolitics and ever-deepening reliance on digital devices, the potential shutdown of critical infrastructure is likely to become a much more significant and concerning risk for businesses in the future,” respondents believed.
Cyber was ranked as the most pressing issue in multiple countries, too. In most European countries it was number one (France, Germany, Switzerland, Italy the UK), which was also the case in other developed economies such as Japan, Australia, and the US. India and Nigeria (where it tied for first) also rated it as the most pressing risk.
The extent of cyber risk’s rise highlights anxiety over AI and digital infrastructure, particularly in a year of major world elections, as well as the continuing unease over programs such as ChatGPT, which has split views in the investment community.
Alongside cyber risks, political risks were still prevalent, often through the lens of ESG-related issues, such as greenwashing and reputational risks, that could undermine governance and political stability.
“Organisations communicating a strong sustainability agenda can find themselves in a bind – they can be litigation targets for groups [that] believe they are not doing enough to meet their climate or societal commitments, as well as those who claim they are making commitments they can’t meet,” said the report. “This is leading to cases of ‘green hushing’, whereby companies deliberately under-report or hide their ESG credentials from public view to avoid scrutiny.”
Allianz warned that this lack of transparency made it “harder to understand the true impact of sustainability strategies and investments”, which could inhibit the adoption of ESG activities by other companies.
Other key risks in the report were natural catastrophes, which climbed from sixth to third, business interruption losses – primarily fire and explosion, which were up from ninth to sixth, while political risk and violence were at eighth. Meanwhile, pandemic risks – a long staple of risk reports for years before Covid-19 – dropped out of the higher numbers, which could worry some and see repeats of past mistakes. The energy crisis also receded from the front of mind for many as it fell, as well, from fourth to eleventh.
"The potential shutdown of critical infrastructure is likely to become a much more significant and concerning risk for businesses in the future."
The Allianz report was based on the views of 3,069 respondents from 92 countries and territories. They were questioned during October and November 2023. The survey focused on large, smaller, and mid-size companies. Respondents were asked to select the industry about which they were particularly knowledgeable and to name up to three risks they believed to be most important.
Most answers were from large-size companies of over US$500 million annual revenue, with 1,340 respondents, or 44%. Mid-size companies – between $100 and $500 million revenue – contributed 792 respondents at 26%, while smaller enterprises, under $100 million revenue, produced 937 respondents, or 30%. Risks experts from 24 sectors also featured.