Cyber risk continues to increase with rapid development of technology
The just-released Allianz Risk Barometer, an annual business risk ranking compiled by Allianz Commercial incorporating the views of 3,778 risk management experts in 106 countries and territories including CEOs, risk managers, brokers and insurance experts, cites cyber incidents (38% of overall responses) as the most important risk globally for the fourth year in a row – and by a higher margin than ever (7% points).
Cyber incidents such as ransomware attacks, data breaches and IT outages is the top global risk for 2025, marking its fourth consecutive year at the top. Ten years ago, it ranked only #8 globally with just 12% of responses, compared with 38% in 2025.
For many companies, cyber risk, exacerbated by the rapid development of artificial intelligence (AI), is the big risk overriding everything else. It is likely to remain a top risk for organizations going forward, given the growing reliance on technology – the CrowdStrike incident in summer 2024 once again underlined how dependent we all are on secure and reliable IT systems.
Concern is widening worldwide as well. Cyber is the top risk across North and South America, in Europe and Africa, and comes out on top in 20 countries in both developed and emerging economies. As well as being the top risk in countries such as Australia, France, Germany, India, Italy, Portugal and the UK, cyber is also the new top risk year-on-year in Brazil, Colombia, Philippines, Morocco and South Africa.
Cyber also ranks as the top risk for large, mid-sized and smaller companies and is now ranked #1 by respondents in industries ranging from aviation to chemicals to entertainment. Financial services, media, professional services such as legal, technology, and the telecommunications sectors also cite cyber as their risk of most concern.
The past year has seen continuing ransomware attacks, which are increasingly targeting sensitive data to increase the financial leverage on companies. Ransomware continues to be the top cause of cyber insurance loss, during the first six months of 2024, it accounted for 58% of the value of large cyber claims (>€1mn).
A data breach is the cyber exposure companies fear most. The growing significance of data breach losses among cyber insurance claims is driven by a number of notable trends. A rise in ransomware attacks including data exfiltration is a consequence of changing attacker tactics and the growing interdependencies between organizations sharing ever more volumes of personal records.
Cyber is likely to remain a top risk for organizations going forward, given the growing reliance on technology, and as AI is incorporated into a growing number of products and services. Advancements in technology, enhanced connectivity, faster network speeds, and the rise of remote work and digital commerce will continue to elevate cyber risks, such as data breaches and ransomware attacks.
AI will further amplify and accelerate these threats, but it also holds the potential to enhance cyber security measures, offering a dual-edged sword in the digital landscape.
Companies have little choice but to adopt AI due to its rapid advancement. Those who hesitate risk falling behind competitors and missing valuable opportunities. While technology development used to be gradual, today’s fast-paced AI landscape, coupled with regulatory and legal lag, demands swift adoption. This is the new normal.
The jury still appears out as to whether the benefits of AI comprehensively outweigh the risks – when asked about the impact AI is having on their industry, 50% of respondents said they believed it brings more benefits than risks, while 35% said it was “neither a positive nor a negative” and 15% said that there were more risks than benefits.
With AI, a balance needs to be found between risk and reward. Take cyber risk. AI is being used by criminals and nation states to cause disruption or spread misinformation. But it can also help mitigate risks and build resilience. AI can help improve processes and productivity, but it also impacts employees and raises questions in areas like ethics, privacy and cyber security.
While the application of AI can help prevent or mitigate risk, there can be unintended consequences. One mitigation action can create new problems or even be counterproductive to the original goal. This is a major challenge going forward. Businesses will need to manage these risks and risk prevention measures holistically. It’s essential to ensure that an AI-driven solution doesn’t inadvertently increase other risks.
