Cybercrimes will again register record figures this year, and small and medium-sized companies, having less budget to deal with it, will be their primary target. However, measuring and pricing cyber risks is difficult, so insurers are already positioning themselves, postulating AI as an essential tool.
MAPFRE makes it clear in one of its latest articles that echoes the Digital Trust Survey 2022 study, carried out by the consulting firm PwC, which confirms that cyber-attacks will break another record this year, with online attacks being the ones that will grow the most. In addition, the main targets will be data storage services in the cloud, data hijacking (ransomware), computer equipment infection through software updates (malware), and assaults on supply chain software and corporate emails.
Table of Contents
Cybercrimes In Different Contexts
In this context, SMEs were the primary victims last year: 53% suffered cyberattacks, and more than 40% were victims of more than three cybercrimes. Furthermore, each cyberattack costs a small company 75,000 euros, as recognized by SSH Team Consulting. This forces SMEs to rethink their ways of working as they need more excellent preparation and prevention against cyber risks since suffering a cyber attack could even mean the closure of the business. For this reason, and given the vulnerability of SMEs to computer attacks, MAPFRE has developed the ‘CIBER On’ insurance for the self-employed and SMEs with a turnover of up to 10 million euros.
“Criminals are adapting to digitization very quickly and taking advantage of it. Therefore, to face them, a broader understanding of cybersecurity is required, as well as prior preparation to avoid the risk of attacks, something that is not always within reach of SMEs and the self-employed”, says Jorge Sicilia, director of business development at Companies of MAPFRE Spain.
Insurance Position Against Cyber Attacks
In its article, MAPFRE wonders how we can quantify, measure, and cyber price risks. Given this scenario, (re)insurers need to quantify and measure this risk to later be able to give a price adapted to the exposure they will assume. 18% of companies in Spain have insurance to deal with possible cybersecurity incidents, a figure below the European average, which stood at 24%.
“We have to distinguish between cybersecurity, that is, the protection and prevention measures that a company can implement in its computer protocols to prevent as much as possible the entry of a cyberattack that entails data theft, paralysis of activity, etc.
Reassurance Against Cyber Risk
Reassurance in the field of cyber risk, as in other lines of business, plays a fundamental role in facilitating the transfer of risk by insurers, managing the control of potential catastrophic accumulation, and contributes to the development of products that provide solutions and advice for the mitigation and prevention of said risks.
In the case of MAPFRE RE, for example, we are actively working on learning and analyzing different models and scenarios of catastrophic accumulation in the face of large-magnitude events by applying artificial intelligence, which allows us to arrive at predictive statistical models with which to estimate possible potential losses.
Technology, algorithms, and artificial intelligence (AI) have also become essential tools for building predictive models that help (re)insurance companies estimate the potential impact of a cyber event.
Nature of this type of risk and its complexity within a dynamic, global, and changing environment. It makes the correct understanding, analysis, control, and measurement essential. Cybercrimes are primarily the significant risk factors in today’s scenario.