Business Interruption Is The #1 Cyber Risk

Uploaded on 2025-02-17 in TECHNOLOGY--Resilience, FREE TO VIEW

Cyber security risk, including ransomware, data breaches and IT disruptions, remained the top business concern worldwide over the past year.

A recent Report published by the International Underwriting Association (IUA) underscores the need for cyber business interruption (BI) risks to receive the same level of attention as information technology security controls and ransomware threats.

The new IUA guide also aims to help insurers navigate money handling requirements in the European Union. Across the continent insurers face varying approaches to risk transfer and the distribution of insurance through agents, sub-agents, or brokers. Often, they have to agree to ‘cascaded’ risk transfer, making them responsible for funds held by parties further down the distribution chain.

The Report outlines the different requirements and approaches encountered in 15 key European markets. The publication states whether risk transfer is possible or, indeed, mandatory. It also describes how risk transfer can be cascaded and the general market practice for the protection of premium and claims funds held by a sub-agent.

The IUA’s Cyber Underwriting Group first published a Business Interruption Report in 2018 which provided an overview of the subject and the principles of how a loss would be calculated.

The 2025 Report, produced in collaboration with professional services firm Baker Tilly, examines cyber security and attack trends from recent years.

It notes that while understanding of cyber business interruption has progressed, further improvements are needed to enhance the claims process for both insurers and policyholders. Helen Dalziel Director of Public Policy at the IUA, said that the cyber insurance market has seen a notable increase in business interruption claims in terms of both frequency and financial impact.

In particular, she referenced a high-profile and costly incident involving CrowdStrike as an examples of the risks businesses face.

A separate report from Allianz identifies the major business risks for 2025, which finds that cyber incidents are the top global risk for 2025 and by a higher margin than ever before, 7% points ahead of business interruption in #2. “It is the fourth year in a row that cyber is ranked #1 after first ranking top in 2020. Ten years ago, it ranked only #8 globally with just 12% of responses." Allianz conclude.

In comment, the principal at leading law firm Baker Tilly, Ben Hobby, emphasised the importance of business interruption cover as a key component of cyber insurance policies and its role in claim settlements.

 “Business interruption cover is a critical part of a cyber insurance policy and can be a significant part of any claim settlement. We therefore consider it critical to the cyber insurance market’s continued success to share these experiences so that cyber business interruption and the resulting financial exposures are better understood.” 

Hobby says that sharing insights gained from handling cyber claims is crucial to improving understanding of financial exposures related to cyber business interruption.

At government level, a recent  Report from the UK National Audit Office, an independent parliamentary agencyy, highlighted concerns about  cyber security practices across Britain’s central government, where outdated computer systems are at risk of failing to meet their own cyber security targets, increasing the risk of a disruptive incident. 

IUA     |   IUA     |   Insurance Business Mag   |   Slipcase     |  Cybersecurity Dive  |  Hiscox   |    Allianz

Image: Ideogram

You Might Also Read: 

Cyber Insurance: The Cost Of Doing Business:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« US Researchers Launch A DeepSeek Competitor
Britain Fast-Tracks Military Recruitment For Cyber Defence »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Hotlava Systems

Hotlava Systems

HotLava network adapters enable today's powerful servers and workstations to deliver more productivity by reducing congestion at the network interface.

Global Station for Big Data & Cybersecurity (GSB)

Global Station for Big Data & Cybersecurity (GSB)

GSB is an interdisciplinary research hub to cover big data, information networks, and cybersecurity.

High Sec Labs (HSL)

High Sec Labs (HSL)

High Sec Labs develops high-quality, cyber-defense solutions in the field of network and peripheral isolation.

Prevalent

Prevalent

Prevalent takes the pain out of third-party risk management. Companies use our services to eliminate the security and compliance exposures that come from working with vendors and suppliers.

United Security Providers

United Security Providers

United Security Providers is a leading specialist in information security, protecting IT infrastructures and applications for companies with high demands on security.

Devel Group

Devel Group

Devel are a LATAM cybersecurity company specialized in providing services in the financial and enterprise sector.

Strategic Cyber Ventures (SCV)

Strategic Cyber Ventures (SCV)

SCV grow cybersecurity companies that disrupt advanced cyber adversaries and revolutionize the cyber product marketplace.

Cyber Risk Aware

Cyber Risk Aware

Cyber Risk Aware provide a security awareness and phishing simulation platform that focuses on real threats and educates and empowers employees to be the first line of defence.

DatChat

DatChat

DatChat Inc. is a blockchain, cybersecurity, and social media company that focuses on protecting privacy on our devices and also protecting our information after we have shared it with others.

Firmus

Firmus

As the leading penetration testing services provider in Malaysia, Firmus evaluates the ability of your internal or external information assets to withstand attacks.

Ekco

Ekco

Ekco is one of Europe’s leading managed cloud providers. With a network of infrastructure and security specialists across Europe, we’ve perfected our approach to supporting digital transformation.

Softwerx

Softwerx

Softwerx is the UK’s leading Microsoft cloud security practice. We’ve been helping forward-thinking companies better secure their businesses for nearly twenty years.

Tenable

Tenable

Organizations around the world rely on Tenable to help them understand and reduce cybersecurity risk across their attack surface—in the cloud or on-premises, from IT to OT and beyond.

Camms

Camms

Camms are a team of experienced professionals dedicated to providing innovative GRC software solutions that help organizations manage risk, make informed decisions, and drive positive change.

DarkHorse Security

DarkHorse Security

DarkHorse exists to make it easy and affordable for organizations to be able to identify their cybersecurity vulnerabilities.

GlitchSecure

GlitchSecure

GlitchSecure helps companies secure their products and infrastructure through real-time continuous security testing.