Visualize: Insights that power innovation

Visualize: Insights that power innovation

As geopolitical tensions rise, don’t forget the cybercrime threat

By Caitlin Plunkett  |  January 22, 2020

Years before the recent flare-up of tensions between the U.S. and Iranian governments, cybersecurity experts were already cataloging Iran’s capacity to wage cyberwar against U.S. targets.1 Following the assassination of Iranian General Qassem Soleimani in early January, some cyber experts have warned of Iranian-sponsored cyber reprisals against U.S. government and commercial targets in the Middle East and beyond.2

While hostilities in the Middle East have pushed the specter of state-sponsored cyberattacks to the fore, it’s important to remember that more cyberattacks are reportedly perpetrated by criminal groups than state actors.3 In fact, by some estimates, cybercrime will be more profitable than the illicit drug trade by 2021.4 It’s those kinds of criminal cyber risks that cyber insurance is designed to address.

A rising threat

With apologies to Benjamin Franklin, the only sure things in life are death, taxes, and the increasing threat of a cyberattack.5

In 2019 alone, cybercrimes reportedly hammered businesses to the tune of roughly $2 trillion. According to Accenture, more than $5 trillion of business value is at risk from cybercrimes between 2019 and 2023 as the cost of all forms of cyberattack increase.6

Businesses have taken notice. Close to 80 percent of businesses surveyed by Marsh ranked cyber risk as a top five concern.7 The same survey noted that businesses have become less confident in their ability to understand, prevent, respond, and recover from cyber events since they were surveyed in 2018.8

The cyber insurance opportunity

When it comes to insuring against the scourge of cybercrime, larger operations appear to be more proactive than smaller businesses. According to the Marsh survey, 47 percent of businesses had some form of cyber insurance coverage, but larger firms (those with more than $1 billion in annual revenue) were more likely to have coverage than smaller firms (defined as those with revenues less than $100 million).9

While the businesses surveyed by Marsh reported spending more on cybersecurity products and services than they did on cyber insurance, Marsh noted that “not all cyber risks can be mitigated through technology, policy, or process, especially those low-frequency but high-severity losses that can inflict significant financial and operational damage. In these cases, risk transfer through insurance or other methods is essential.”10

Bringing clarity to today’s cyber threats

While it’s too early to assess the potential cyber implications of the current U.S.-Iranian standoff, we do know that businesses and individuals will very likely face multifaceted cyber threats from nonstate actors in the years to come.11

Verisk is at the forefront of analyzing cyber risks and addressing the evolving needs of the cyber insurance market. To learn more about our cyber insurance solutions, please visit Verisk.com/cyber.

  1. Courtney Kube, et al., “Iran Has Laid Groundwork for Extensive Cyberattacks on U.S., Say Officials,” NBC News, July 20, 2018, < https://www.nbcnews.com/news/us-news/iran-has-laid-groundwork-extensive-cyberattacks-u-s-say-officials-n893081 >, accessed on January 10, 2020.
  2. Shaun Nichols, “Cyber-Warnings, Cyber-Speculation Over Cyber-Iran’s Cyber-Retaliation Cyber-Plans Post-Soleimani Assassination,” The Register, January 6, 2020, < https://www.theregister.co.uk/2020/01/06/iran_attack_speculation/ >, accessed on January 10, 2020.
  3. 2019 Data Breach Investigations Report, Verizon, May 2019, < https://enterprise.verizon.com/resources/reports/dbir/2019/summary-of-findings/ >, accessed on January 10, 2020.
  4. Steve Morgan, “Cybercrime Damages $6 Trillion by 2021,” Cybercrime Magazine, October 16, 2017, < https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/ >, accessed on January 10, 2020.
  5. “Kaspersky Sees More Cyberattacks in 2020,” BusinessWorld, November 28, 2019, < https://www.bworldonline.com/kaspersky-sees-more-cyberattacks-in-2020/ >, accessed on January 15, 2020.
  6. The Cost of Cybercrime, Accenture, May 6, 2019, < https://www.accenture.com/_acnmedia/pdf-96/accenture-2019-cost-of-cybercrime-study-final.pdf >, accessed on January 10, 2020.
  7. Global Cyber Risk Perception Survey Report 2019, Marsh, September 18, 2019, < https://www.marsh.com/us/insights/research/marsh-microsoft-cyber-survey-report-2019.html >, accessed on January 10, 2020.
  8. Ibid.
  9. Ibid.
  10. Ibid.
  11. Shawn Ram, “More Attacks Are Coming: 5 Things to Know About Cyber in 2020,” PropertyCasualty360, December 31, 2019, < https://www.propertycasualty360.com/2019/12/31/more-attacks-are-coming-5-things-to-know-about-cyber-in-2020/ >, accessed on January 15, 2020.

Caitlin Plunkett is the cyber lead for Verisk's commercial lines coverage products. You can contact Caitlin at CPlunkett@verisk.com.