The Allianz Risk Barometer 2022: Cyber attacks are the biggest threat from a corporate perspective
by Tina Siering
The Allianz Risk Barometer 2022
Every year, Allianz surveys executives and decision-makers at major companies worldwide about current concerns. The decision-makers rate which threats they consider most threatening in the current situation. The companies select the three threats by which they see their own business operations most at risk.
In 2022, there was a huge movement in the companies' responses. The order of rated threats changed on many positions. Executives rated the following three as the top three threats to their own businesses:
- Cyber threats (44 percent).
- Disruptions to business operations due to external factors (42 percent)
- Natural disasters (25 percent).
No less than 44 percent of business leaders rated cyber threats as the greatest current danger. In the previous year, by contrast, only 40 percent of respondents rated it that way. In second place came disruptions to business operations caused by external factors. These include, for example, the disruptions in the global supply chain currently visible as a result of the COVID pandemic. Nevertheless, this is a key threat for only 42 percent of companies, which actually represents a slight drop from the previous year. Natural disasters rank third among the threats in the Allianz Risk Barometer.
Pandemics are in fourth place in the Allianz Risk Barometer 2022, a threat that was still one of the top positions last year with 40 percent of responses. In the meantime, only 22 percent of companies still see it that way.
What changes does the Allianz Risk Barometer show compared to the previous year?
Companies no longer consider pandemics to be a key threat. This is probably due to the changed situation regarding the Corona pandemic. Natural catastrophes are now also in the focus of companies. This, too, is mainly due to events in recent years, which have also received a lot of attention as a result of focused reporting. These include, for example, the devastating floods on the River Ahr or the wildfires on the west coast of the USA.
The second big change is that, for the first time, decision-makers see cyberattacks as the biggest threat to their business. Many IT leaders have recently realized: It's no longer a question of if a cyberattack will happen, but merely when. For some time now, experts from the IT security industry have been pointing out that the threat of cyberattacks is increasing enormously and that many companies are not adequately prepared for these dangers. In many cases, however, these warnings received too little attention.
But there are other reasons why more and more companies are aware of the danger posed by cyberattacks. It is not only the rising number of attacks that increases the danger level. Above all, advancing digitalization has ensured a dependence on digital systems. Many companies and also consumers only became aware of how dependent society is on digital technology in connection with the cyberattack on the Colonial Pipeline network on the U.S. East Coast. In May 2021, the operator of Colonial Pipeline, one of the most important fuel pipelines between Texas and Washington D.C., was the victim of a cyberattack using ransomware. The attackers encrypted large parts of the infrastructure. This disrupted the pipeline's operations. About 45 percent of the U.S. East Coast's fuel needs are transported through the Colonial Pipeline. The disruption caused price increases, hoarding purchases and fuel shortages at gas stations within a few days.
Such high-profile incidents also ensure that the topic of IT security becomes more of a focus for those in positions of responsibility within companies. This is certainly one reason why the threat of cyberattacks is ranked first in the Allianz Risk Barometer 2022.
Why have cyberthreats become such a major threat to businesses?
Companies' perceptions have changed, primarily as a result of recent developments. Cybersecurity Ventures, for example, estimates that the damage caused by cybercrime worldwide will be around six trillion US dollars in 2021. In the next few years, damages are expected to rise to over ten trillion.
These are direct and indirect damages. It is not possible to put an exact figure on the extent of the damage. On the one hand, there is the damage caused by the attack itself, i.e. costs incurred in restoring the systems. On the other hand, loss of earnings and production generated by a cyberattack on the company's own IT infrastructure must also be taken into account.
The danger posed by cyberattacks is also omnipresent because criminals are now using different tactics. For some years now, cyberattacks have often focused on financial interests. Ransomware attacks in particular are aimed at extorting money from companies. Ransomware attacks also aim to cause as much damage as possible and disrupt business workflows. To do this, ransomware makes use of an encryption process that renders the data unusable.
However, this is only one side of the threats. The second component shows how cybercriminals are now going about their attacks. The attackers' strategy has changed. Targeted, planned and sophisticated attacks are just part of normality these days. Such Advanced Persistent Threats (APTs) are particularly dangerous for corporate networks. The hackers penetrate networks undetected with enormous effort. Every company is a potential target. In these attacks, the hackers use methods designed to bypass virus scanners and similar IT security techniques.
Another incalculable factor is zero-day exploits. These are security holes in software and hardware that are unknown to the manufacturers. Time and again, criminals discover such gaps and exploit them for attacks that overcome conventional security techniques. Zero day exploits have a wide variety of effects, which always depend on the particular system in which the gap is present. In the worst case, such a gap gives attackers the opportunity to take control of the network or even launch a ransomware attack.
Last but not least, there is the human factor. Even companies that always make sure their software is updated and have their own IT security department are threatened by this circumstance. It is always possible that an employee who opens a compromised attachment to an email or connects the workstation to the insecure WLAN in the home office will enable a cyberattack.
What kind of protection is there against cyberattacks?
It all boils down to the fact that there is no absolute security in the corporate network. Those responsible who think this have not understood the threat environment and the attack vectors that hackers use. The reality is that cyber incidents cannot be prevented. However, organizations have two options to provide greater security. These are proper preparation and implementing systems that enable rapid response to cyber incidents.
Proper preparation involves many passive measures. These include training employees so they recognize cyber threats and act accordingly when dealing with digital systems. Network structures also contribute to security, especially in terms of the reach of APTs and zero-day attacks. User accounts with limited access rights, separate network areas or even the use of container software are just some of the examples. In combination, the familiar tools of IT security are used, such as strict firewall configuration, antivirus software and network policies for password security.
The second part is to integrate complementary systems for active defense against cyberattacks. It is in this area that many organizations have some catching up to do. Some decision-makers are still unaware of this area of IT security. Early attack detection is one of these IT security tools. The technologies are still comparatively new and use artificial intelligence to improve cyber defense.
Early attack detection scans the network in real time, looking for suspicious activities. These are, for example, accesses to an administrator account from an IP outside the company's own network or unusual data transfers. The system then alerts the appropriate IT security personnel so that immediate intervention is possible. This allows cyberattacks to be stopped at the first steps, preventing the actual attack.
Meanwhile, such solutions for early attack detection are also available as a managed service. For example, secion offers a corresponding service with its Active Cyber Defense Service. In this way, SMEs also have access to this technology without having to operate their own and correspondingly expensive Security Operations Center (SOC).
Conclusion on the Allianz Risk Barometer 2022
The Allianz Risk Barometer 2022 clearly shows that companies are increasingly aware of the potential dangers posed by cybercrime. The goal of being completely safe from cyberattacks is even more of a utopia in 2022 than ever before. It is important to implement a comprehensive IT security strategy that minimizes the risks posed by cyber threats. Part of such a security strategy also includes solutions for early attack detection, which identifies intruders in the network.
Need help upgrading your IT security for 2022? Contact us!
Related articles
QR codes have been around for almost 30 years. Today, we scan the square codes with our smartphone as a matter of course to release bank orders, create a digital vaccination certificate or retrieve coupons. However, since QR codes are also used by cybercriminals for fraudulent purposes, you should not trust the little squares without limits. You should be especially careful if you receive a QR code via email: A sophisticated phishing attack could be hiding behind it. We show you how to recognize quishing attacks and protect yourself from them.
Read more … Caution, Quishing: Criminals use QR codes for phishing attacks
In early October, the ransomware group Black Basta attacked an IT service provider of the Deutsche Presse-Agentur (dpa), stealing the data records of 1,500 dpa employees as well as pension recipients of the dpa support fund. Two weeks later, the cybercriminals published the first sensitive data of the victims on the darknet. This incident is just one of many attacks associated with the notorious Black Basta ransomware - and there will be many more to come. That's because, as new research shows, the cybercriminals act very similarly to other aggressive hacker groups.
Read more … Black Basta: New findings on the notorious ransomware
The cybersecurity industry is more dynamic and rapidly changing than any other sector. Today's insights may already be outdated tomorrow. Because at the same pace as IT security develops new measures to protect IT infrastructure, networks, and endpoints, cyber criminals bring new tools to the market, refine attack methods, or use unknown techniques to successfully carry out cyber attacks. Anyone who wants to stay as well informed as possible in the multi-layered environment is dependent on regular updates. This applies equally to technically interested users and IT staff. One popular source of information in Germany is the podcast. More than 40% of all Germans regularly listen to podcasts - one fifth of them daily. We asked our IT security consultants for recommendations on ethical hacking and present our top 5 most popular cybersecurity podcasts here.