Cybersecurity situation in the age of AI
In 2024, cyber incidents are ranked number one among the world's most significant business risks in the Allianz Risk Barometer – making them the top threat for the third year in a row. The German Federal Office for Information Security (BSI) also speaks of increasing threats from cybercriminals. In its 2023 status report, the BSI also warns that the use of artificial intelligence (AI), in addition to its numerous opportunities, also harbors risks, for example, in that AI tools can be used to automatically find software vulnerabilities and carry out cyberattacks. In this context, small and medium-sized companies or administrative institutions are increasingly falling victim to so-called ransomware attacks. According to BSI President Claudia Plattner, cybercrime causes a total of around 206 billion euros in damage per year in Germany alone.
The threat situation makes it clear how important prevention is for companies and institutions of all types and sizes. After all, there are ways to protect yourself from cybercrime. However, effective protection involves more than just standard insurance. Rather, holistic risk management consists of four central building blocks that only become sustainably effective when combined:
- Organizational measures (e.g. reviewing the information security concept and creating an emergency plan) ensure that companies remain capable of acting even in an emergency, thus keeping damage to a minimum.
- Personnel measures (e.g. special training for employees) are particularly important because more than two-thirds of cyber losses are caused or at least facilitated by a company's own employees.
- Technical measures (such as the right firewall, a functioning backup strategy or multifactor authentication) create hurdles for cybercriminals and enable those affected to take action in an emergency.
- Risk transfer (to a cyber insurance policy) is the final step, because even if all measures are successfully implemented, a significant residual risk remains. Losses caused, for example, by violations of the GDPR, business interruption, system recovery, forensics and, last but not least, loss of reputation, can quickly reach threatening financial heights. It is essential to choose the individually appropriate insurance solution with the appropriate scope.
To meet the increasing complexity of this topic, the Ecclesia Group is bundling all internal expertise in the highly specialized unit Ecclesia Cyber. Ecclesia Cyber offers our customers expert support, from the initial assessment of on-site IT security to advice on the appropriate insurance solution, 24/7 support in an emergency and follow-up in the event of an incident. The unit's experts provide the necessary specialist knowledge to support the contact persons in our company with whom they are familiar.
Carola Kortfunke