‘Extreme’ cyber events could cost as much as major hurricanes: Lloyd’s, Cyence

By Erin Ayers on July 20, 2017

Hurricane or Tornado Background

The potential costs stemming from extreme cyber risk events could rival those of major hurricanes such as Superstorm Sandy, with economic impacts ranging from $4.6 billion up to $53 billion, according to a joint report from Lloyd’s of London and cyber risk analytics firm Cyence.

Lloyd’s and Cyence took an in-depth look at two possible cyber-event scenarios: the first, a group of environmental hacktivists disrupt cloud service providers and their customers, causing widespread business and service interruption. The second scenario envisions the accidental loss of a physical copy of a report on a vulnerability in a widely-used operating system. This human error results in the spread of the information on the dark web and “an undetermined number of unidentified criminal parties” exploiting the zero-day vulnerability.

The average economic losses associated with the cloud disruption were estimated in the range of $4.6 billion for a large event and $53 billion for an “extreme” event, Lloyd’s and Cyence said, but added that the “uncertainty” surrounding cyber aggregation means that impact could be up to $121.4 billion – or as low as $15.6 billion. For the zero-day threat, the report estimated impacts between $9.7 billion to $28.7 billion.

In terms of insured losses, the research revealed a wide gap between insurance proceeds available for the potential events and the actual economic hit at stake. Between seven percent and 17 percent of possible economic losses are currently insured, based on the size of the cyber insurance market.

“Cyber-attacks have the potential to trigger billions of dollars of insured losses,” the two firms wrote. “For example, in the cloud services scenario insured losses range from $620 million for a large loss to $8.1 billion for an extreme loss. For the mass software vulnerability scenario, the insured losses range from US$762 million (large loss) to US$2.1 billion (extreme loss).”

READ THE FULL STORY

This story in an excerpt of the original. The content originally appeared in Cyber Front Page News.
To read the full story, you must be a subscriber. If you are a subscriber, check your email for Cyber Front Page News on July 20, 2017.

eayers@advisen.com'

Erin is an editor at Advisen. She has 15 years of journalism experience. Prior to Advisen, Erin covered property-casualty insurance for 13 years as editor-in-chief of The Standard, New England’s Insurance Weekly. Erin is based in Boston, Mass. Contact Erin at eayers@advisen.com.