Cyber incidents top risk concern for financial institutions in 2024, says Allianz

Joy Agwunobi

The financial services sector has long been a prime target for cyberattacks, but recent research has revealed that cybersecurity incidents are the top risk concern for the industry in 2024.

As financial institutions continue to digitise their operations and embrace new technologies, they are faced with the ever-present threat of data breaches, ransomware attacks, and other forms of cybercrime.

The heightened concerns of the financial services sector echoed  the findings of Allianz Risk Barometer Report, a valuable resource that assesses emerging risks across industries and sectors, revealing  cyber incidents as one of the top risks for businesses globally in 2024.

The Allianz Risk Barometer survey gathered insights from industry experts and executives across the financial services sector and other industries. The report provides valuable insights into the risks facing the financial sector and highlights the need for proactive risk management strategies.

The report revealed  that cyber incidents have become the primary concern for financial institutions in 2024, with 43 percent of respondents ranking it as a significant risk. It also noted a rise in ransomware attacks, leading to a more than 50 percent increase in insurance claims activity compared to 2022.

While cyber incidents are the top concern, the survey also identified other risks facing financial institutions, including: Macroeconomic developments (26%), changes in legislation and regulation (26%);business interruption (22%); natural catastrophes (22%).

The report elaborated on these risks, particularly emphasising the difficulty of managing macroeconomic factors like inflation in 2024. It noted that inflation has long-term consequences, with investments taking time to regain value even after economic recovery.

According to the Allianz report, it  showed that compliance remains a perpetual challenge for companies seeking to keep pace with the evolving legislation and regulation surrounding digitisation, climate change, and environmental, social, and governance (ESG) factors, adding that the compliance burden has grown over the past decade due to intensified regulatory enforcement. 

To navigate these challenges, it noted that  financial institutions need to enhance the effectiveness and efficiency of their compliance activities and leverage data and technology wisely.

The report also pointed out  that business interruption poses significant risks to the financial services industry, including operational disruptions, revenue loss, reputational damage, and regulatory compliance challenges. It added that cyber incidents and natural catastrophes are the top causes of business interruption, followed by fire and machinery/equipment breakdown. 

To mitigate these risks, companies were advised to improve business continuity management, identify supply chain bottlenecks, and develop alternative suppliers.

In addition to cyber incidents, the report noted that  natural catastrophes also threaten the financial industry, causing physical damage to infrastructure, disrupting operations, increasing insurance claims, and potentially leading to liquidity challenges. 

It added that the financial impact of natural disasters was underscored in the $82 billion in insured losses globally in 2021.To address this, financial institutions were advised to prioritise robust risk modelling, diversification strategies, and disaster preparedness measures to mitigate these risks.

The report further revealed that hackers are becoming increasingly sophisticated in their attacks, targeting IT and physical supply chains, launching mass cyber-attacks, and finding new ways to extort money from businesses. Consequently, to effectively combat these threats, the report suggested  that early detection and response capabilities and tools are becoming increasingly crucial to prevent unplanned downtime, increased cost, and a greater impact on customers,revenue and reputation. It also noted that investing in AI-backed detection tools can  enhance incident identification and mitigate risks.

Commenting on the report, Santho Mohapeloa, a cyber insurance expert at Allianz Commercial, noted that cybercriminals are leveraging new technologies like generative artificial intelligence (AI) to enhance and expedite their attacks, leading to more sophisticated malware and phishing tactics.

According to Mohapeloa, the increasing number of cyber incidents stemming from inadequate cybersecurity measures, particularly in mobile devices, a shortage of cybersecurity professionals, and the vulnerability of smaller companies due to their reliance on IT outsourcing are all expected to contribute to the drive  in cyber activity in 2024.