Cyber risks rated top corporate concern: Allianz Risk Barometer

The growing reliance on digitalisation and technology doesn’t make things any easier.
‘Double extortion’ tactics that combine the encryption of systems with data breaches that exploit software vulnerabilities are a worrying trend. Image: Jason Alden/Bloomberg

Cyber incidents now rank as a major threat for businesses around the world, outweighing corporate risks such as supply chain disruptions, Covid-19 restrictions and natural disasters, as highlighted in the Allianz Risk Barometer for 2022.

The 11th annual survey from corporate insurance carrier Allianz Global Corporate & Specialty (AGCS) incorporates the views of 2 650 experts in 89 countries and territories, including CEOs, risk managers, brokers, and insurance experts.

Read: Bureau Veritas hit by cybersecurity attack

Globally, 44% of respondents rate cyber incidents as a top concern, effectively moving up the business risk from third position in 2021 (40%). Business interruptions (supply chain disruptions for instance) occupy the second position at 42% (2021: 41%) and natural disasters rank third at 25% (2021: 17%).

Covid-19 concerns (ranking fourth) have dropped from 40% in 2021 to 22%, and changes in legislation and regulation rank fifth at 19%.

According to the survey, many companies are now less concerned about Covid-19 and feel adequately prepared for future outbreaks.

However, recent attacks – such as the Transnet cyberattack in July 2021 and the attack on the US’s largest oil pipeline – have shown worrying trends. These include ‘double extortion’ tactics that combine the encryption of systems with data breaches that exploit software vulnerabilities and potentially affect thousands of companies.


“Ransomware has become a big business for cyber criminals who are refining their tactics [and] lowering the barriers to entry for as little as a $40 subscription [about R616] and little technological knowledge,” Scott Sayce, global head of Cyber at AGCS, explains.

“The commercialisation of cybercrime makes it easier to exploit vulnerabilities on a massive scale. We will see more attacks against technology supply chains and critical infrastructure.”

‘Most feared cause of business interruption’

The study also notes that the most feared cause of business interruption is cyber incidents, which not only reflects the rise in ransomware attacks but also the impact of companies’ growing reliance on digitalisation and the shift to remote working.

“The pandemic has exposed the extent of interconnectivity in modern supply chains and how multiple unrelated events can come together to create widespread disruption,” says Philip Beblo, property industry lead at AGCS.

“For the first time the resilience of supply chains has been tested to breaking point on a global scale.”

Maarten van der Zwaag, global head of property risk consulting at AGCS, adds: “There is a growing willingness among top management to bring more transparency to supply chains with organisations investing in tools and working with data to better understand the risks and create inventories, redundancies and contingency plans for business continuity.”

Read: South African enterprises can’t ignore the risk of cyber attacks

In South Africa, the top two corporate risks parallel those of the rest of the world but worries around critical infrastructure blackouts such as load shedding and ageing infrastructure claim the third position (up from sixth). Political risks and violence (such as the lootings) rank fourth while pandemic restrictions conclude the top five.

According to the study, political risks and violence is among the top rising concerns in Africa and the Middle East due to the scale of riots and protests such as the July unrest and looting that occurred in South Africa.

“Fortunately, large scale terrorism events have declined drastically in the last five years. However, the number, scale and duration of riots and protests in the last two years is staggering and we have seen businesses suffering significant losses,” says Bjoern Reusswig, head of global political violence and hostile environment solutions at AGCS.

Read: Basil Read reports cyberattack incident on its IT systems

“Civil unrest has soared, driven by protests on issues ranging from economic hardship to police brutality which have affected citizens around the world. And the impact of the Covid-19 pandemic is making things worse – with little sign of an end to the economic downturn in sight, the number of protests is likely to continue climbing.”

Business continuity plans

Thusang Mahlangu, AGCS Africa CEO, says there needs to be more emphasis on building business continuity plans (BCPs) by companies to best protect themselves against inevitable perils.

“Businesses need to review their BCP and should be aware of what is happening around them. Typically, these only focus on national catastrophes, but there is a need for BCP plans to address political disturbances and other types of business disruption like cyber,” says Mahlangu.

“Having defined, and preferably tested, procedures in place is crucial – these should include staff, client and general communication and social media plans. It is imperative for companies to think deeply about how they can best protect their assets and people.”

Palesa Mofokeng is a Moneyweb intern.


You must be signed in and an Insider Gold subscriber to comment.





Instrument Details  

You do not have any portfolios, please create one here.
You do not have an alert portfolio, please create one here.

Follow us:

Search Articles:
Click a Company: