Cyber: dealing with a data breach | AGCS – Allianz Global Corporate & Specialty

Following a cyber breach, there is a critical moment – perhaps only a few minutes or maybe an hour or two at most – when the decisions made will significantly influence the outcome. For this to be minimally damaging, there needs to be a thorough understanding of what is likely to happen and what is at stake.

So advises Robin Kroha, Chief Information Security Officer & Head of Global Protection and Resilience at Allianz Services. A company must be meticulously prepared for a serious breach, with a cyber incident response organization and plan in place. This includes exercising critical scenarios in advance and having a trained team who clearly understand their roles and responsibilities.

“Plans are important,” Kroha acknowledges. “But exercises are critical because even the best plans cannot replace a well-prepared team. Plans must be practiced to ascertain their effectiveness in a real-life incident.”

The growing number of cyber incidents remains the most significant concern of companies for a second year in succession, according to the annual Allianz Risk Barometer. “In the 2023 report, 34% of the responses from more than 2,700 experts around the world ranked cyber incidents as the greatest risk their companies face [1],” says Michael Daum, Global Head of Cyber Claims at Allianz Global Corporate & Specialty (AGCS). “In particular, we are seeing increasing cases of data breaches, either with ransomware attacks or stand-alone.”

According to Allianz Risk Barometer respondents, a data breach is the exposure that concerns companies the most (53%). Data privacy and protection is a critical risk that is intensifying – IBM’s The Cost of a Data Breach Report states the average cost from such incidents reached an all-time high in 2022 of $4.35mn and is expected to surpass $5mn in 2023. [2]