Emerging Risks – Cyber risks: From analysis to implementation

Normal view (turn off text only mode)
You are here:

Cyberrisks - Munich Re

Cyber risks: From analysis to implementation

No other technical innovation has had such an impact on our society in such a short time as information technology. Supply chain management, customer relationship management, mobile computing, online banking or social networks – whether in the private sphere or in the world of business, the internet is steadily becoming an indispensable lifeline. Terabytes of sensitive data are stored on servers and are being transmitted each day through networks and WLANs. In tandem with the frantic pace of development, the risk of data misuse is also mushrooming. This is an emerging risk that has long been a present reality.

IT risks are a central topic in our emerging risk management approach – both in order to protect our own IT structures and for the development of new products. Companies are urged to be extremely careful with their data, not just for reasons of liability: compliance and reputational risks also feature in the list of IT risks.

The sphere of influence for IT risks

Sphere of influence IT Risks - Munich Re

IT risks hide a range of different hazards in the fields of security, reputation, liability, data protection and compliance. These extend to both first party and third party losses. Companies are therefore continually challenged to introduce transparency to their risk landscape and to implement effective countermeasures. There is no such thing as 100-percent protection against cyber attacks. Nevertheless, it is vital to implement a functioning framework in the form of processes, structures and roles that will enable you to cope with a potential attack. In this context, insurance products can assist with integrated benefits that the client can then make use of in the event of a claim.

At an early stage, the emerging risk think tank already included this topic on the radar, and analysed it from the perspective of the primary insurer and reinsurer. The analysis highlighted specific scenarios that were then examined in more detail and compared with external sources, such as research institutes, industry and other experts.

Based on these analyses, the final outcome was an effective range of measures to manage and reduce IT risks efficiently in the company.

Identity fraud risk
Identity fraud is understood to mean the illegal use of personal data belonging to a third party. Such data can include driver's licence, insurance, bank account and credit card data. The more data for a particular person are known, the easier it is to commit fraudulent acts, such as the illegal debiting of a credit card account. More than anything else, the internet offers new and diverse ways of gaining access to personal data, whether with phishing techniques, or through large-scale hacking of databases, as happened in one instance in May 2013. According to media reports, around 45 million US dollars was lost in a global scam using forged debit cards, whose balances had been increased in a database hack.

Portfolio management and transfer of expertise
Based on these findings, Munich Re explicitly controls the acceptance of IT risks in reinsurance treaties and monitors the risk capital employed in a regular review process. Our clients benefit from this too. On request, a team of experts from the full reinsurance group can analyse a cedant's portfolio and help improve its underwriting quality for this complex risk, thereby enhancing the client's business profitability.

Our experts are developing new products for companies wishing to achieve an appropriate reduction in their IT risks.

Main Navigation
Service Men


This publication is available exclusively to Munich Re clients. Please contact your Client Manager.