Cyber risks are evolving far beyond privacy or reputational issues.
A new generation of cyber risks has caused Allianz Global Corporate & Specialty to urge businesses to strengthen their security strategies.
Future threats will come from intellectual property theft, cyber extortion and the impact of business interruption (BI) following a cyber-attack or from operational or technical failure, according to AGCS.
The company added that threats are fast evolving, moving beyond the established threats of data breaches, privacy issues and reputational damage to operational damage, leading to potentially catastrophic losses.
The company has released "A Guide to Cyber Risk: Managing The Impact of Increasing Interconnectivity", where it has revealed that cybercrime alone costs the global economy approximately $445 billion a year, with the world’s largest ten economies accounting for half this total.
In the UK, the cost of cybercrime as a percentage of GDP is 0.16%, with an estimated cost of $4.3bn (£2.8bn).
AGCS said businesses need to develop a cyber security culture with different stakeholders sharing risk management knowledge, as interconnectivity of devices and businesses drive new risk exposures with "business interruption a key vulnerability, and catastrophic scenarios a possibility".
Contributing to these scenarios, which could include a successful attack on the core infrastructure of the internet, a major data breach or a network outage for a cloud service provider, is the increasing interconnectivity of everyday devices and growing reliance on technology and real-time data at personal and corporate levels, known as the IoT.
The company added that ICS is another area of concern, as a number of these still in use today were designed before cyber security became a priority issue.
With cybersecurity gaining more importance within the enterprise and consumer sector, the firm predicts cyber insurance premiums to grow globally from $2 billion per annum today to over $20 billion by 2025, a compound annual growth rate (CAGR) of over 20%.
When responding to cyber risk, insurance can only be part of the solution, with a comprehensive risk management approach being the foundation for cyber defence, the company said.
AGCS recommends a ‘think-tank’ approach to tackling risk, whereby different stakeholders from across the business collaborate to share knowledge, in order to challenge different perspectives and consider alternative scenarios.
Chris Fischer Hirs, AGCS CEO, said: "As recently as 15 years ago, cyber-attacks were fairly rudimentary and typically the work of hacktivists, but with increasing interconnectivity, globalisation and the commercialisation of cybercrime there has been an explosion in both frequency and severity of cyberattacks.
"Cyber insurance is no replacement for robust IT security but it creates a second line of defence to mitigate cyber incidents."
Nigel Pearson, global head for cyber insurance at AGCS, said: "There is a general trend towards tougher data protection regimes, backed with the threat of significant fines in the event of a breach."
Jens Krickhahn, expert for cyber and fidelity at AGCS Central & Eastern Europe, said: "Once you have purchased cyber insurance, it does not mean that you can ignore IT security. The technological, operational and insurance aspects of risk management go hand in hand."