AIG’s 2017 Cyber claims statistics reflect both the growing maturity of the cyber book of business and a threat environment which has in recent months been characterised by a series of sophisticated systemic malware and ransomware attacks including WannaCry and Notpetya.
While business / network interruption was a significant issue for many European organisations, the majority of these losses were under-insured. As had been predicted early last year by AIG’s Cyber experts.
2017 was a year of widespread ransomware attacks and cyber business interruption.
AIG’s claims statics show that over a quarter of cyber claims (26%) received in 2017 had ransomware as the primary cause of loss. This is a significant leap from 16% of claims in 2013 – 2016.
Aside ransomware data breach by hackers, other security failure/ unauthorised access and impersonation fraud were the other main breach types. While the proportion of claims caused by employees negligence reduced marginally to 7% in 2017, human error continues to be a significant factor in the majority of cyber claims.