Published: Mon, July 17, 2017
Hi-Tech | By Ellis Neal

Lloyd's report reveals cloud cyber risk gap

Lloyd's report reveals cloud cyber risk gap

According to Lloyds and Cyence, average economic losses from a major attack on cloud services could be about $53 billion.

That figure is the average estimate but the report said that given the uncertainty in calculating cyber losses, they could be as high as $121.4 billion or as low as $15.6 billion, depending on which organisations were involved and how long the cloud service disruption lasted.

A global cyber-attack could be as expensive as a major natural disaster, a new report has claimed.

The uninsured gap could be as much as United States dollars 45 billion for the cloud services scenario - meaning that less than a fifth (17%) of the economic losses are actually covered by insurance.

Published two months after a ransomware cyberattack that hobbled National Health Service hospitals and hit almost 100 countries, a 56-page report from the world's oldest insurance market says the threat posed by such global attacks has spiraled and poses a huge risk to business and governments over the next decade.

The analysis reveals that under the mass software vulnerability attack scenario, the cyber protection gap is between $8.9 billion for a large event and $26.6 billion for an extreme event, which means that just 7% of the economic losses are covered by insurance protection. What makes it even more challenging is a lack of historical data on which insurers can base their assumptions.

The report, carried out in collaboration with cyber risk modelling firm Cyence, suggests cloud services firms may not be covered for significant uninsured losses. NotPetya was significantly less costly - globally, it cost organizations US$850 million. By that time, the malware could have easily spread among the provider's customers, including financial institutions and small businesses, the report claimed, resulting in widespread losses.

The world's oldest insurance market and Cyence consultancy said the threat posed by hacking attacks has surged and the global economy will be increasingly vulnerable to cyberattacks over the next decade.

Lloyd's chief executive Inga Beale said underwriters needed to consider cyber cover and ensure premiums kept pace with the reality of the threat to technology systems.

Lloyds has about one-quarter of the emerging area of cyber insurance and says risks are more hard to model than natural disasters due to the human element, which means underlying assumptions can change quickly.

Like this: