Cybercrime falls in list of executives’ top concerns

Cybercrime has fallen in the list of business leaders’ top concerns, according to a new Beazley survey.

Just 27% of global business leaders cited cybercrime risk as their top area of concern, down from 34% in 2021.

However, Beazley has warned against complacency, noting that the cyber landscape is fast evolving and that phishing and software vulnerability ransomware incidents are on the rise. 

In 2020, data across all industries showed that, on average, 7% of company losses were caused by fraudulent instruction, whereas in the first quarter of 2023, this average had risen to 13%.

Paul Bantick, global head of cyber and tech at Beazley, said: “Our annual Risk & Resilience survey of global business leaders found that concern about the threat of cyber risk has decreased since the ‘ransomware pandemic’ in 2021 and 2022.

“However, the perception that the worst is over, that businesses are immune, or have at least built up a tolerance to the most extreme effects does not match the reality,” Bantick added.

The healthcare sector is one that should be particularly concerned, Beazley warned, given that it is rich with some of the most intimate individual data, but without the cash to widely invest in modernised security infrastructure. According to Beazley’s survey, around one-third of healthcare businesses do not feel prepared to manage and respond to cyber risk - more than any other sector. 

Beazley’s survey also found that concerns about intellectual property (IP) theft have become more acute. In Beazley’s 2021 survey, only 11% of business leaders ranked it as their top risk. Now, this risk has more than doubled, to 24%. 

The growing threat of artificial intelligence (AI) is also a growing concern for insureds, especially because it is currently little understood. 

It seems clear that AI-related intellectual property risks are abundant, Beazley noted. For example, reports suggest sensitive and proprietary information is being fed into AI content production engines by employees at one company, and then resurfaces in the results produced by the AI platform for employees at competitor organisations when they request similar work. 

AI could also be used by cybercriminals to convince businesses by fraudulent means to transfer funds.

“Whilst AI’s transformative potential is undeniable, it brings a new set of cyber challenges, potentially enabling threat actors to operate at a greater scale or offer novice cyber criminals easy access to sophisticated code targeted at specific organisations,” Beazley said. “NATO leaders have warned that AI is a ‘double edged sword’ for private companies with AI-based tools able to automatically carry out attacks.”

The frequency and severity of cyber risks dropped off as the Ukraine-Russia conflict split cyber gangs. Meghan Hannes, head of US cyber & tech underwriting management at Beazley, said this cannot be considered “a new normal”

“The situation is becoming uglier by the day as new threat actors emerge and look to make up lost profits,” she said.