Fears of a cyber assault have topped a biennial Aon risk list for the first time since the broker started its Global Risk Management Survey in 2007.

The 2344 risk decision-makers who took part in this year’s survey, including in Australia, expect cyber to remain the biggest threat even in 2024. The survey respondents come from 60 economies across 16 industries at public and private companies.

When the findings are broken down according to industry-specific risks, the insurance sector globally assigned cyber as the gravest danger at present and predicts it will stay as the biggest threat in three years’ time.

Fears of cyber trumped potential business disruption caused by pandemic/health crises, which ranked ninth in Australia and seventh globally. This is the first time that pandemic/health crises has entered the top-10 risk table.

Australia respondents say after cyber, the next nine biggest risks to their businesses are damage to reputation/brand, failure to innovate/meet customer needs, business interruption, failure to attract or retain top talent, regulatory/legislative changes, economic slowdown/slow recovery, cash flow/liquidity risk, pandemic risk/health crises and increasing competition.

That cyber attack is now the biggest concern did not surprise industry watchers, including lawyers who specialise in this space.

“We are now a digital economy, a digital world, and as a result of that cyber has cemented itself in the top spot,” Clyde & Co Partner John Moran told insuranceNEWS.com.au. “I think it’s completely not surprising that it’s number one.”

Aon says concerns over cyber are justified, given the sharp escalation in the severity and frequency of attacks on businesses by hackers, who are using increasingly sophisticated methods to lock or steal data for ransom payments.

According to Mr Moran, some criminal gangs have been able to “jump the fence” to carry out their attacks, overcoming some of the most sophisticated security measures that some companies have put up.

“Ransomware isn’t new,” Mr Moran said. “It has been around for a long time but what is new in 2021 is the increase of the severity of the attacks and a sharper focus by these criminal gangs on higher profile targets so that these criminal gangs get a better return from the attacks.”

Wotton + Kearney Head of Cyber, Privacy and Technology Liability Kieran Doyle says the severity of the attacks is driving companies’ fears when they think about cyber.

“For ransomware in particular, its ability to immediately, without notice, bring your operations to a standstill is without a doubt for me the number one cyber risk,” he told insuranceNEWS.com.au. “I think boardrooms have seen the devasting impacts of ransomware play out in the media impacting organisations at all levels in all industries.

“It is a risk that simply cannot be ignored.”

Click here for the report.

See ANALYSIS.