Cyber Insight

It was expected that the effects of the Covid-19 pandemic and surges in Delta and Omicron infections would have resulted in Business Interruption (BI) maintaining its top spot in the 2022 rankings of the acclaimed Allianz Risk Barometer survey.

The annual Allianz survey and subsequent report identifies the top corporate risks expected for the next 12 months and beyond, based on the insight of more than 2,650 risk management experts from 89 countries and territories.

In the past, BI has scored well, as it is synonymous with many of the top ranked risks faced by business around the globe.

However, this year expectations that BI would once again feature at the top of the list of the most serious risks to business were wide of the mark.

For only the third time in the 11-year history of the Allianz Risk Barometer, BI has dropped to second place.

What tops the Risk Barometer charts this year? It’s the risk from Cyber Incidents.

Significantly, according to Allianz, the threat of Cyber Incidents ranks as a top three peril in most countries surveyed and “cyber perils” are the biggest concern for companies globally in 2022 as ransomware and other disruptive forms of cyberattacks continue unabated.

According to companies surveyed, the threat of ransomware attacks, data breaches or major IT outages concern companies even more than business and supply chain disruption, natural disasters or the Covid-19 pandemic, all of which have heavily affected firms in the past year.

In its report on the Risk Barometer, Allianz highlighted the surge in ransomware attacks as the top cyber threat facing organisations in 2022.

It noted that recent attacks have shown worrying trends such as “double extortion” tactics combining the encryption of systems with data breaches; exploiting software vulnerabilities (for example, the Log4J and Kaseya attacks) or targeting physical critical infrastructure.

The report underlines the role of cyber security which it says ranks as companies’ major environmental social governance (ESG) concern with respondents acknowledging the need to “build resilience and plan for future outages or face the growing consequences from regulators, investors and other stakeholders”.

According to Scott Sayce, Head of Cyber at Allianz Global Corporate & Specialty (AGCS) a key business unit of Allianz Group, ransomware has become “big business” for cyber criminals, who are refining their tactics, lowering the barriers to entry for as little as a $40 subscription.

“The commercialisation of cybercrime makes it easier to exploit vulnerabilities on a massive scale. We will see more attacks against technology supply chains and critical infrastructure,” he warns.

Here at Cyber Insight, we continue to advise South African businesses of the dangers they face from the main ransomware categories – Crypto, Locker, Double Extortion and Ransomware as a Service (RaaS).

We’ve explained how Crypto ransomware variants are mainly spread via email while the Locker alternative takes the distinctive route of locking its victims out of their devices.

We’ve described how Double Extortion ransomware is able to launch devastating, multistage attacks on target organisations, while RaaS, “the business for criminals, by criminals” provides ransomware to affiliates on a monthly fee basis.

Is there a counter to the ransomware scourge? Cyber Insight’s recently-launched plan for Secure Future Protectionprovides insight into processes and policies designed to assist with the implementation of solutions aimed at constantly improving cyber resilience.

One of the keys to the plan for Secure Future Protection is the professional implementation of a stringent, secure email gateway designed to prohibit malware and spam as well as bad URL/IP addresses from entering users’ mailboxes. The plan includes personalised support to guide you through the implementation and optimisation phases of email security.