November 25, 2021

“With this report, we join the discussion around the cyber resilience of our society and industry”

The increasing number of cyberattacks over the last years has put cyber risk at the top of society’s concerns. Evolving, complex, and global, cyber threat is a true challenge, including for the insurance industry. On the release of the Building Cyber Resilience report, Marie Bogataj, Head of the AXA Research Fund and Group Foresight, shares the main takeaways of this publication and the paths towards managing cyber risk.

Read time:2 minutes

Why is the AXA Research Fund publishing a report on cyber resilience?

Cyberattacks against organisations and individuals have soared with the Covid-19 crisis and the wide use of digital tools, making cyber risk one of the top positions in the risks landscape.
The latest World Economic Forum Global Risks Report ranks cyber security failure 9th as the most likely risk and IT infrastructure breakdown the 10th most impactful one. This momentum is confirmed by the AXA Future Risk Report 2021, where cyber risk was selected as the 2nd most important issue for society.
Faced with the magnitude of this risk – the cost of cybercrime is estimated at $6 trillion in 2021 (1) – and the evolving aspect of the attacks, building up cyber resilience is of paramount importance. As an insurer, we want to provide in this publication insights from experts such as researchers, practitioners, and governments, about building stronger systems and cyber mitigation and prevention practices.

What is at stake for the insurance industry?

Cyber resilience requires an organization-wide strategy that efficiently responds to threats and identifies vulnerabilities. It also needs anticipation and a systematic and rigorous approach to be ready to face the unknown. Being resilient not only means avoiding incidents, but also being ready to recover from the worst-case scenario.
For the insurance industry, cyber risk is a challenge in multiple ways. Cyber event data is currently too scarce to appropriately price products, and cyber risk modelling is still at an immature stage. Cyber threats are constantly evolving with outsized impact and severe losses. Insuring cyber risks depends on our ability to model cyberattacks in a way that integrates the complex dependence effects of cyber events.
To develop further, the industry will have to overcome the limited access to underwriting and risk expertise. It will need to develop the maturity of key stakeholders, such as agents and brokers around cyber risk.

What are the key takeaways of this report?

While cyber risk is a growing issue, it is not all doom and gloom. In fact, there is a consensus saying that we need collective action, based on information sharing and co-operation, awareness building and the adoption of new techniques, towards making our cyber space safer and stronger in the face of attacks.
The second learning is that building cyber resilience for corporations must be done in a holistic and strategic manner based on three pillars: people, through training and awareness, new technologies such as artificial intelligence, and procedures and standards which enable to quickly anticipate, react, and recover from cyberattacks.
Moreover, data sharing and regulation are key components of cyber resilience. Indeed, certain states and international bodies are acknowledging that cyber space needs to be regulated with global binding frameworks. They are also calling for an ecosystem-wide collaboration on data sharing.
Since the uncertainty and complexity around cyber risk limits traditional forecasting and modelling tools strategic, Foresight can help better understand – and therefore anticipate - future cyber threats. The report findings will show us the way forward on managing cyber risk. With the Building Cyber Resilience Report, we join the discussion around the cyber resilience of our society and the insurance industry.

 ---------------------------------------

(1)  Cybercrime To Cost The World $10.5 Trillion Annually By 2025, Cybercrime Magazine, November 2020

Find out more

“This report enables us to project our Purpose into the future”

“This report enables us to project our Purpose into the future”

Read more
“Mind health is necessary to a holistic approach to health”

“Mind health is necessary to a holistic approach to health”

Read more
"AXA wants to put mental health at the top of the health agenda"

"AXA wants to put mental health at the top of the health agenda"

Read more