Cyberattacks are establishing themselves as the main risk for companies in this decade. This can be concluded from the risk barometer presented by industrial insurer Allianz Commercial for the year 2024. In the survey of over 3,000 companies and experts worldwide, the risk was ranked number one for the third time in a row.

"The increase in ransomware attacks in 2023 was enormous," explained Jens Krickhahn, who has headed Allianz Commercial's independent cyber division since the beginning of 2024, in a press conference. Claims increased by 50%. Claims had remained unchanged in the previous two years.

Companies and experts around the world are particularly afraid of data breaches (59% of the 1,110 respondents who mentioned cyber risk). Attacks on critical infrastructure or assets and ransomware attacks (53% each) were also categorised as important.

For the first time, respondents worldwide put cyber risk in first place by a wide margin, ranking it five percentage points ahead of the second-placed risk of business interruption at 36%. In Germany, it moved from second to first place. It is likely that cyber will remain the frontrunner in 2025, as the risk was ranked first for the first time among large corporations (turnover of more than 500 million dollars) as well as smaller companies (less than 100 million dollars) and medium-sized companies.

According to Krickhahn, cyber criminals are currently making it easier for themselves than in the past: "They are not bothering with encryption." They extract data from companies and immediately demand a ransom for not publishing the data. The companies paid willingly.

Sometimes, cyber attacks trigger a cascade of claims, such as business interruptions. After an IT service provider was attacked, the Allianz claims department had to process a mid to high double-digit number of cases within two days, said Krickhahn.

In another case, in which Allianz was not involved as an insurer, more than 120 companies and organisations had suffered business interruption losses because the service provider Südwestfalen IT had shut down the systems after an attack. The hack of the file transfer provider Moveit affected more than 2,500 organisations and companies. It is assumed that more than 50 million data owners were affected.

Krickhahn said that Allianz Commercial would continue to have cyber insurance in its portfolio. The management is aware of its obligation to offer risk transfer solutions. In new business, Allianz can provide a maximum sum for losses of 10 to 15 million euros per customer. There are few insurers that still have such a high capacity. Higher sums could be offered in consortia. Generally speaking, "We are seeing a relaxation because new capacities are coming onto the market." The prices for insurance have stabilised.