17/01/2019 – News / Business / Legislation / Security / Cyber Threat / Brexit / UK
Brexit and Cyber threats are the biggest risks to UK businesses in 2019, says Allianz
Cyber threats and changes in legislation and regulation, including concerns around Brexit, are considered the biggest risks by UK risk experts (joint #1 with 48 per cent of responses), according to the newly released Allianz Risk Barometer 2019. Meanwhile, cyber incidents (37 per cent of responses) are neck-and-neck with ‘business interruption’ (37 per cent of responses) as the top business risks globally.
“It’s no surprise to see changes in legislation and regulation as the new top risk in the UK, jointly with cyber threats,” said Tracey Hunt, Deputy CEO, Allianz Global Corporate & Specialty (AGCS), UK – a leading risk consultancy. “Uncertainty around Brexit, along with concerns around a potential increase in the regulatory burden and global trade disputes, have made confidence fragile. UK businesses also continue to be occupied by the threat of cyber-attacks. The consequences of a major data breach have never been greater since the EU's General Data Protection Regulation (GDPR) came into force with data breaches potentially now resulting in huge fines.”
Workforce skills shortages – a new entry in Top 10 UK Risks
Shortages of skilled workers appears in the top 10 UK risks (coming in at #7) for the first time, with factors such as Brexit uncertainty, changing demographics and a shallow pool of talent in the digital economy contributing to its rise. A UK study by The Independent newspaper found that nine in 10 employers were struggling to recruit the skilled staff they need, with Brexit set to make this challenge even worse.
Shortage of skilled workforce also appears for the first time among the 10 top business risks globally (at #10); as well as in many countries in Central and Eastern Europe, US, Canada and Australia.
“Skilled workforce – and human capital more generally – has become the scarce resource of the digital economy,” said Ludovic Subran, Deputy Chief Economist of Allianz. “Competition is fierce between companies to get new recruits with competencies in artificial intelligence, data science, or ‘frontier risk management’ such as managing cyber or reputational risk as most of these jobs did not exist 10 years ago. Even attractive salaries do not suffice as the pool of recruits with the needed skillset is limited and the urgency to on-board them does not allow for on-the-job training."
Cyber incidents and BI top global risks
In the wake of mega data breaches and privacy scandals, major IT outages and the introduction of tighter data protection rules in the European Union and other countries, cyber risk is now a core concern for global businesses in 2019 and beyond. According to the Allianz Risk Barometer 2019, ‘cyber incidents’ are neck-and-neck with ‘business interruption’ or ‘BI’ (both 37 per cent of responses) as the top business risks globally. ‘Climate change’ (ranked #8, with 13 per cent of responses) and ‘a shortage of skilled workforce’ (#10 with nine per cent of responses) are the biggest climbers globally. At the same time, companies are more worried year-on-year about changes in legislation and regulation (#4 with 27 per cent of responses) resulting in impacts such as Brexit, trade wars and tariffs.
The annual survey on global business risks from Allianz Global Corporate & Specialty (AGCS) incorporates the views of a record 2,415 experts from 86 countries – including CEOs, risk managers, brokers and insurance experts.
“Companies need to plan for a wide range of disruptive scenarios and triggers, as this is where their big exposure lies in today’s networked society,” advised Chris Fischer Hirs, CEO of AGCS. “Disruptive risks can be physical, such as fire or storms, or virtual, such as an IT outage, which can occur through malicious and accidental means,” he said, adding that such risks can stem from a firm’s own operations but also from a company’s suppliers, customers or IT service providers. “Whatever the trigger, the financial loss for companies following a standstill can be enormous,” he warned. “New risk management solutions, analytical tools and innovative partnerships can help to better understand and mitigate the modern myriad of BI risks and prevent losses before they occur."
BI threats continue to evolve
BI remains the top threat for businesses worldwide for the seventh year running and is the top risk in countries such as the US, Canada, Germany, Spain, Italy and China. Potential BI scenarios are becoming ever more diverse and complex in a globally connected economy, and include the breakdown of core IT systems, product recalls or quality issues, terrorism or political rioting or environmental pollution. Both cyber and BI risks are increasingly interlinked as ransomware attacks or accidental IT outages often result in disruption of operations and services costing hundreds of millions of dollars. Cyber incidents rank as the BI trigger most feared by businesses (50 per cent of responses), followed by fire (40 per cent) and natural catastrophes (38 per cent). At the same time, BI is seen as the biggest cause of financial loss for businesses after a cyber incident (69 per cent of responses).
Cyber – growing awareness, growing losses
Increasing concern over cyber incidents follows a watershed year of activity in 2018. “Cyber risk has been a major risk for a number of years, but as with any new risk it has struggled with awareness,” explains Marek Stanislawski, Deputy Global Head of Cyber, AGCS. “We have now reached a point where cyber is as equally concerning for companies as their major traditional exposures.”
Cyber crime now costs an estimated US$600bn a year – up from US$445bn in 2014, according to the Center for Strategic and International Studies. This figure is almost three times as much as a 10-year average economic loss from natural catastrophes (US$208bn, according to Swiss Re).
While criminals use more innovative methods to steal data, commit fraud or extort money, there is also a growing cyber threat from nation states and affiliated hacker groups targeting critical infrastructure providers or stealing valuable data or trade secrets from companies. Cyber incidents are increasingly likely to spark litigation, including securities and consumer class actions. Data breaches or IT outages can generate large third party liabilities as affected customers or shareholders seek to recoup losses from companies.
For more information on the findings of the Allianz Risk Barometer 2019, visit: https://www.agcs.allianz.com/insights/white-papers-and-case-studies/allianz-risk-barometer-2019/