Climate Change and Cyber Risks in 2021

By John Mina, CEO

Climate Change and Cyber Risks in 2021

I don’t claim to know what the future holds, or what catastrophic event will send the world wobbling next. COVID-19 took everyone off-guard, even though there were predictions and warning signs about a global pandemic for at least 20 years. COVID will have lasting effects on the way businesses operate, just as 9/11 forever changed air travel and security. Events of such magnitude have ripple effects far into the future and cause many of us to ask, “What’s next?”

From my perspective, the risks associated with climate change and cyber present very real threats to our personal and economic ways of life. Being prepared to the best of our ability through thoughtful risk management is the most effective safeguard we have against these threats.

Climate Change

The reality of climate change is that our planet is warming, and that reality is becoming ever more stark. Hurricanes are becoming stronger and stretching farther inland. Wildfires are more frequent, intense and reach more parts of Western states than ever. Sea levels are steadily inching upwards. No region of the United States is immune to the effects of climate change any longer. Compounding the problem of changing and intensifying weather patterns is the overdevelopment of coastal locations and the potential for widespread property loss and damage. Billions, if not trillions, of property dollars are now in jeopardy from rising sea levels and flooding.

As catastrophic weather events continue to damage more areas of the country, insurers are fundamentally changing the way they look at risk.

Insurance companies are reevaluating their models around claims, premiums and protected losses. They’re reassessing the amount of risk they’re willing to write. To those who need insurance coverage to run a business, protect a home, or develop a property, it’s more difficult, expensive and competitive to buy. The quality of the risk matters more today than it did in the decades-long soft market we have all grown accustomed to.

As risk consultants and insurance brokers, we need to stay a step ahead. It’s on us to understand what makes a compelling risk and what sort of proactive risk management needs to be in place so that our clients can demonstrate they’re a better risk than the next guy. Taking a holistic view is critical. This entails business continuity and disaster recovery planning as well as strong risk management and loss control expertise.

Cyber Risk

The other notable and persistent risk we face in the near future is centered on the cyber landscape and the possibility of a cyber-pandemic.

Cyber risk has undergone a major shift in recent years. In the past, cyber criminals were focused on hacking systems to gain access to personal information and monetizing it on the black market. As the value of the data has decreased, threat actors have changed their approach. Ransomware and social engineering through tactics such as manipulating invoices are the norm. This affects every organization, large or small, public or private, from high- to low-tech, from health systems to government offices. This shift in attack methodology has also caused an increase of 200%-300% on the average expense to investigate and respond to cyber incidents.

As we’ve discussed extensively through our cyber liability practice, ransomware attacks and data breaches have far-reaching consequences, not just in terms of financial loss, but also business interruption, reputational damage, increasing liabilities and regulatory scrutiny.

With the rapid shift to a work-from-home model during the pandemic, cyber risk has become more complex and continues to evolve as business evolves. In today’s world, everything is connected. Our reliance on the data and communication streams is so critical that if there was a massive disruption, it could cripple the world economy.

Cyber insurance is every bit as critical to a company as auto or workers’ comp. And, like most insurance markets, it’s hardening as carriers are experiencing a material deterioration on profitability. Cyber carriers are taking a more proactive stance today in writing coverage. They’re assessing contingency and business continuity plans, the use of key technology solutions, and employee training. In the current market, having better controls than your peers not only reduces your total cost of risk but has a direct correlation on the available breadth of coverage and capacity.

The COVID pandemic revealed a lot in 2020 about the myriad contingencies associated with a major disruption. On the positive side, a lot of companies realized that the well-being of their employees is essential to their long-term success and survival. Many companies learned that staying current on technology is about more than driving efficiency; it’s about continuing to serve your clients, connect with your workforce and ensure the perpetuation of your organization.

Answering the question, “How will you stay in business when ‘it’ happens, whatever ‘it’ is?” is critical. The threats posed by climate change and cyber are serious. They require appropriate insurance coverage, and that coverage will be continue to become harder and more expensive to secure. In the coming year, it will be important for organizations to take a holistic view of risk so that they will be better positioned to withstand a systemic shock.