Skip to main content
Opens in a new tab External site

September 2022 / 5 Min Read

Ransomware Isn’t Just About Data: The Rising Risk of Cyber Business Interruption

 

Ransomware attacks certainly target data, but there also is an increasing and costly risk of business interruption to consider.

 

Key Takeaways

  1. Ransomware attacks continue to hamper businesses globally, but it is not just data that threat actors are targeting.
  2. An increasing risk of business interruption presents new challenges to business continuity and security.
  3. For businesses, the task of preparing for cyber business interruption includes four imperatives they need to heed.

As the frequency of ransomware attacks increases, organizations must consider that it’s not just data that hackers are targeting. There is an increasing risk of business interruption (BI). This growing digital peril has presented new challenges to business continuity and security.

“The landscape has changed the cyber risk,” says Bianca McKenzie, head of claims preparation, advocacy and valuations U.K. at Aon. “With ransomware becoming commonplace, we’ve gone from it being oriented around liability to a focus on disruption. That is the cyber criminals’ new goal: to disrupt businesses rather than just to extract data.”

While organizations are used to considering business interruptions related to circumstances like property damage, the threats of cyber BI can have much wider ramifications. For a business with operations in multiple sites — even multiple countries — the BI impact of a ransomware attack can reach beyond a single property and disrupt operations worldwide.

We often speak to clients that have been newly appointed to the leadership of climate risk or sustainability functions. It’s not uncommon to find them at first struggling to prioritize actions for the surging ESG and climate risk factors they are facing. To be successful at converting the company’s ESG goals into action, managers should follow these steps:

“Before ransomware like that was unfathomable,” says McKenzie. “You couldn’t imagine that operations could be disrupted to an extent that it would financially impact clients at a global level.”

More Like This

Article
Use These 8 Successful Strategies to Mitigate Growing Ransomware Risk

Article
Cyber Awareness Training: Success Starts with Meaningful Engagement of People


With ransomware becoming commonplace, we’ve gone from it being oriented around liability to a focus on disruption.”

Bianca McKenzie
Head of Claims Preparation, Advocacy and Valuations, Aon U.K.

 

In Depth

According to Aon’s 2021 Cyber Security Risk Report, ransomware attacks have become more complex and business interruption increasingly likely.

Ransomware attacks exploded in number and frequency during 2020. As the number of attacks grew, so did their cost: the Aon report projected business costs associated with ransomware attacks to total $20 billion in 2021. To mitigate financial loss, organizations should prepare to address cyber BI before a disruption occurs.

$20B
Projected ransomware business costs in 2021

Source: 2021 Cyber Security Risk Report

Preparing for Cyber BI

For businesses, the task of preparing for cyber BI risk includes several imperatives:

  • Improving information technology security to prevent disruptive attacks
  • Developing a sound business continuity plan to help respond to and recover from an attack
  • Accurately assessing the cyber business interruption risk in order to transfer risk effectively to cyber insurance markets or other
  • Developing a plan for accurately documenting BI-related loss and financial impact to efficiently file an accurate claim with cyber insurers

“In principle, it’s really not that different from a property BI claim to a cyber BI claim, except for the fact that with cyber BI you might not know which policy applies, and you want to have the team lined up in advance,” says Jill Dalton, managing director in Aon’s U.S. Property Risk Consulting Group. “Make sure you know who’s going to be doing the cyber preparation. Get that team lined up in advance, because the biggest issue in the cyber claim is tackling it right away.”

Understanding the Risk

To properly address a cyber BI threat — including maximizing the ability to transfer risks — businesses must fully understand their exposures. With insurers demanding more detailed information from prospective cyber insurance buyers, businesses should invest in analyzing their exposures to determine what a probable cyber BI loss might look like.

“Now is the time to really tighten up your understanding of what your cyber BI risk really is,” says McKenzie. “Given the insurance market and the challenges that some are face in terms of actually transferring their cyber risk, it’s important to invest in understanding what a more probable cyber BI loss would look like when it comes to renewing a cyber policy or purchasing a cyber policy for the first time.”

Cyber BI Threats Along the Supply Chain

Businesses also must consider the possibility that their supply chains could also be interrupted by cyber BI.

“It’s a huge issue, because if a supplier has a cyber attack that prevents them from getting you their product, then you’re experiencing a contingent business interruption loss as a result of the cyber event,” says Dalton. “It’s important for companies to do good due diligence in selecting and managing suppliers.”

Businesses exposed to cyber BI risks in their supply chains should also consider using multiple suppliers and develop backup plans to address potential disruptions.

Assessing the Loss

Calculating the losses incurred in a cyber business interruption can be challenging — particularly for a multinational business with operations in different locations possibly facing varied impacts.

“There needs to be an appreciation for that complexity and due care in gathering the supporting data,” says McKenzie. “Quantifying the impact, close management of the claim and working with the insurer and their representatives to recover insured losses is a many-faceted process. It requires expert time and resources.”

The challenge is heightened by the fact that the process of determining the losses takes place while the company is experiencing a cyber BI and is in “crisis mode.”

“Businesses should try to be ahead of the curve and be as prepared as possible before an event,” McKenzie says. “They should understand what sort of information they’ll need to capture and how they’ll collect it.”

The Cyber BI Threat Is Real, Preparation Is Essential

The threat of cyber attacks continues to grow and, with it, the risk of cyber business interruptions. By analyzing exposures, taking steps to address risk and establishing a strategy for assembling a claim quickly and accurately, businesses can better prepare themselves for the threat of cyber BI.

General Disclaimer
The information contained herein and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information and use sources we consider reliable, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.

Terms of Use
The contents herein may not be reproduced, reused, reprinted or redistributed without the expressed written consent of Aon, unless otherwise authorized by Aon. To use information contained herein, please write to our team.