Business Interruption Is The #1 Cyber Risk

Uploaded on 2025-02-17 in TECHNOLOGY--Resilience, FREE TO VIEW

Cyber security risk, including ransomware, data breaches and IT disruptions, remained the top business concern worldwide over the past year.

A recent Report published by the International Underwriting Association (IUA) underscores the need for cyber business interruption (BI) risks to receive the same level of attention as information technology security controls and ransomware threats.

The new IUA guide also aims to help insurers navigate money handling requirements in the European Union. Across the continent insurers face varying approaches to risk transfer and the distribution of insurance through agents, sub-agents, or brokers. Often, they have to agree to ‘cascaded’ risk transfer, making them responsible for funds held by parties further down the distribution chain.

The Report outlines the different requirements and approaches encountered in 15 key European markets. The publication states whether risk transfer is possible or, indeed, mandatory. It also describes how risk transfer can be cascaded and the general market practice for the protection of premium and claims funds held by a sub-agent.

The IUA’s Cyber Underwriting Group first published a Business Interruption Report in 2018 which provided an overview of the subject and the principles of how a loss would be calculated.

The 2025 Report, produced in collaboration with professional services firm Baker Tilly, examines cyber security and attack trends from recent years.

It notes that while understanding of cyber business interruption has progressed, further improvements are needed to enhance the claims process for both insurers and policyholders. Helen Dalziel Director of Public Policy at the IUA, said that the cyber insurance market has seen a notable increase in business interruption claims in terms of both frequency and financial impact.

In particular, she referenced a high-profile and costly incident involving CrowdStrike as an examples of the risks businesses face.

A separate report from Allianz identifies the major business risks for 2025, which finds that cyber incidents are the top global risk for 2025 and by a higher margin than ever before, 7% points ahead of business interruption in #2. “It is the fourth year in a row that cyber is ranked #1 after first ranking top in 2020. Ten years ago, it ranked only #8 globally with just 12% of responses." Allianz conclude.

In comment, the principal at leading law firm Baker Tilly, Ben Hobby, emphasised the importance of business interruption cover as a key component of cyber insurance policies and its role in claim settlements.

 “Business interruption cover is a critical part of a cyber insurance policy and can be a significant part of any claim settlement. We therefore consider it critical to the cyber insurance market’s continued success to share these experiences so that cyber business interruption and the resulting financial exposures are better understood.” 

Hobby says that sharing insights gained from handling cyber claims is crucial to improving understanding of financial exposures related to cyber business interruption.

At government level, a recent  Report from the UK National Audit Office, an independent parliamentary agencyy, highlighted concerns about  cyber security practices across Britain’s central government, where outdated computer systems are at risk of failing to meet their own cyber security targets, increasing the risk of a disruptive incident. 

IUA     |   IUA     |   Insurance Business Mag   |   Slipcase     |  Cybersecurity Dive  |  Hiscox   |    Allianz

Image: Ideogram

You Might Also Read: 

Cyber Insurance: The Cost Of Doing Business:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« US Researchers Launch A DeepSeek Competitor
Britain Fast-Tracks Military Recruitment For Cyber Defence »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Armadillo Sec

Armadillo Sec

Armadillo provide penetration testing and vulnerability assessment services.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

SecuTech Solutions

SecuTech Solutions

SecuTech is a global leader in providing strong authentication and software licensing management solutions.

Wüpper Management Consulting (WMC)

Wüpper Management Consulting (WMC)

Specialized in compliance, risk management and holistic information security WMC GmbH has longtime implementation experience in global projects.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

Garland Technology

Garland Technology

Garland Technology specializes in network access points (TAPs) for 100% visibility allowing you to see every bit, byte, and packet flowing through your network.

Hassans International Law Firm

Hassans International Law Firm

Hassans is the largest law firm in Gibraltar, providing a full range of legal services across corporate and commercial law including Data Protection and GDPR compliance.

Cythereal

Cythereal

Cythereal is the leader in predicting and preventing advanced malware attacks. Security Automation for the Overwhelmed Administrator.

Drip7

Drip7

Drip7 is a micro-learning platform that is re-inventing the way companies train their employees and build lasting cultural change around the importance of cybersecurity.

Viakoo

Viakoo

Viakoo is an Enterprise IoT Applications Management company providing performance, security, and compliance. Viakoo enables you to be proactive in maintaining cyber hygiene and protecting your network

Iconium Software

Iconium Software

DataLenz by Iconium offers continuous and real-time tracking of your data assets delivering you the tools you need to successfully reach and maintain your target security standards.

Nuance Communications

Nuance Communications

From revolutionizing the doctor-patient relationship to reinventing the way brands connect with their customers, Nuance technology helps organizations push the boundaries of what’s possible.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

SecurityBridge

SecurityBridge

SecurityBridge provide a cybersecurity connection between our customers’ IT departments, the forward-facing business services, and their SAP applications.

Arctera

Arctera

Arctera simplifies data management to keep you secure. Our company operates as three units - Data Compliance, Data Resilience, and Data Protection.

Hicomply

Hicomply

Hicomply simplifies compliance management with smart, user-friendly tools, helping you scale your processes and stay in control - no matter how complex.