The average probable maximum loss from a cyber event targeting intangible assets is 43% higher than the anticipated PML for tangible assets. This is amongst the findings of Aon’s 2024 Intangible versus Tangible Risks Comparison Report, which points to an insurance gap in EMEA, where 54% of businesses experienced a material security threat or data breach at least once in the past 24 months.
The new report drew insights from 596 respondents across the region, with the responses underscoring certain discrepancies in coverage. While 60% of property, plant and equipment is insured, only 17% of information assets have similar protection. This gap has remained unchanged over the past two years, despite the increasing value of intangible assets and the growing frequency of substantial cyber breaches.
With 69% of businesses in EMEA using or intending to integrate AI products or services, the potential for cyber incidents and regulatory compliance issues, is considerable, Aon notes. New regulations like the European Union’s AI Act could add further complexity by inadvertently prompting more litigation from copyright holders.
Further, the rising threat from Gen AI is expected to increase the amount and heighten the impact of cyber attacks over the next two years. Gen AI may enhance the existing tactics, techniques and procedures of cyber criminals, as well as make it easier for novice cyber criminals to carry out effective attacks, contributing to an increased global threat.
David Molony, head of cyber solutions EMEA at Aon, said: “Cyber insurance has rapidly evolved to address more effectively the key loss drivers associated with cyber events. It offers more favourable coverage and premium pricing for businesses that demonstrate strong cyber security practices. However, the increasing value of intangible assets, alongside the rise of generative AI, represents a paradigm shift in cyber risk, while the EU’s new AI Act is only likely to introduce more regulatory complexity. Businesses must prepare for these evolving risks and potential liabilities.
“The recent global IT outage served as a powerful reminder of the dynamic nature of cyber and technology risks and emphasised the importance of robust business continuity and incident response protocols. It also reiterated the need for a comprehensive cyber insurance policy to mitigate these risks.”