Cyber security risks, including ransomware, data breaches, and IT disruptions, remained the top business concern worldwide over the past year. A recent Report published by the International Underwriting Association (IUA) underscores the need for cyber business interruption (BI) risks to receive the same attention as information technology security controls and ransomware threats.
The new IUA guide also aims to help insurers navigate money-handling requirements in the European Union. Across the continent, insurers face varying approaches to risk transfer and insurance distribution through agents, sub-agents, or brokers. Often, they must agree to a ‘cascaded’ risk transfer, making them responsible for funds held by parties further down the distribution chain. [1]
The Report outlines the requirements and approaches encountered in 15 key European markets. The publication states whether risk transfer is possible or, indeed, mandatory. It also describes how risk transfer can be cascaded and the general market practice for protecting premium and claims funds held by a sub-agent.
The IUA’s Cyber Underwriting Group published a Business Interruption Report in 2018. The report provided an overview of the subject and the principles of calculating a loss.
The 2025 Report, produced in collaboration with professional services firm Baker Tilly, examines recent cyber security and attack trends.
It notes that while understanding cyber business interruption has progressed, further improvements are needed to enhance the claims process for both insurers and policyholders. Helen Dalziel, Director of Public Policy at the IUA, said the cyber insurance market has seen a notable increase in business interruption claims regarding frequency and financial impact. In particular, she referenced a high-profile and costly incident involving CrowdStrike as an example of the risks businesses face.
A separate report from Allianz identifies the major business risks for 2025, which finds that cyber incidents are the top global risk 2025. By a higher margin than ever, 7% points ahead of business interruption in #2. “It is the fourth year in a row that cyber is ranked #1 after first ranking top in 2020. Ten years ago, it ranked only #8 globally with just 12% of responses." Allianz concludes.
In a comment, the principal at leading law firm Baker Tilly, Ben Hobby, emphasized the importance of business interruption cover as a key component of cyber insurance policies and its role in claim settlements. “Business interruption cover is a critical part of a cyber insurance policy and can be a significant part of any claim settlement. We, therefore, consider it critical to the cyber insurance market’s continued success to share these experiences so that cyber business interruption and the resulting financial exposures are better understood.” Hobby says that sharing insights gained from handling cyber claims is crucial to improving understanding of financial exposures related to cyber business interruption.
This article is shared at no charge and is for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
• Reporting: https://www.redskyalliance.org/
• Website: https://www.redskyalliance.com/
• LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://www.cybersecurityintelligence.com/blog/business-interruption-is-the-1-cyber-risk-8255.html
© 2025 Red Sky Alliance Corporation. All rights reserved.
Comments