Menu

Cyber perils are the biggest concern for companies in Africa and Middle East, and specifically Nigeria and South Africa in 2022, according to the Allianz Risk Barometer which launched today. The threat of ransomware attacks, data breaches or major IT outages worries companies around the world more than business and supply chain disruption, natural disasters or the Covid-19 pandemic, all of which have heavily affected firms in the past year.

Globally, cyber incidents tops the 2022 Allianz Risk Barometer for only the second time in the survey’s history; business interruption drops to a close second; and natural catastrophes ranks third. Climate change climbs to its highest-ever ranking of sixth, while pandemic outbreak drops to fourth.

The annual survey from Allianz Global Corporate & Specialty (AGCS) incorporates the views of 2,650 experts in 89 countries and territories, including CEOs, risk managers, brokers and insurance experts, the company said in a statement to Financial Nigeria, on Tuesday.  

“’Business interrupted’ will likely remain the key underlying risk theme in 2022,” AGCS CEO, Joachim Mueller, said to summarize the report. “For most companies the biggest fear is not being able to produce their products or deliver their services. 2021 saw unprecedented levels of disruption, caused by various triggers. Crippling cyber-attacks, the supply chain impact from many climate-change-related weather events, as well as pandemic-related manufacturing problems and transport bottlenecks wreaked havoc. This year only promises a gradual easing of the situation, although further Covid-19-related problems cannot be ruled out. Building resilience against the many causes of business interruption is increasingly becoming a competitive advantage for companies.”  

Political risks, violence and changes in legislation and regulation are rising concerns for businesses in Africa and Middle East. Political risks and violence moved from sixth to fourth due to the number, scale and duration of riots and protests such as civil unrest and looting in South Africa. Changes in legislation and regulation moves up three places for fifth in the region.

“Fortunately, large scale terrorism events have declined drastically in the last five years. However, the number, scale and duration of riots and protests in the last two years is staggering and we have seen businesses suffering significant losses,” says Bjoern Reusswig, Head of Global Political Violence and Hostile Environment Solutions at AGCS. “Civil unrest has soared, driven by protests on issues ranging from economic hardship to police brutality which have affected citizens around the world. And the impact of the Covid-19 pandemic is making things worse – with little sign of an end to the economic downturn in sight, the number of protests is likely to continue climbing.”

“Preparation is key – in particular for exposed sectors such as retail,” explains Thusang Mahlangu AGCS Africa CEO. “Businesses need to review their business continuity plans (BCP) and should be aware of what is happening around them. Typically, these only focus on national catastrophes, but there is a need for BCP plans to address political disturbances and other types of business disruption like cyber. Having defined, and preferably tested, procedures in place is crucial – these should include staff, client and general communication and social media plans. It is imperative for companies to think deeply about how they can best protect their assets and people.”

Cyber incidents ranks as a top three peril in most countries and regions surveyed including Africa and Middle East, South Africa and Nigeria. It also ranks second in Ghana, fourth in Morocco and Namibia, fifth in Kenya and seventh in Turkey. The main driver is the recent surge in ransomware attacks, which are confirmed as the top cyber threat for the year ahead by survey respondents. Recent attacks have shown worrying trends such as ‘double extortion’ tactics combining the encryption of systems with data breaches; exploiting software vulnerabilities which potentially affect thousands of companies (for example, Log4J, Kaseya) or targeting physical critical infrastructure (the Colonial Pipeline in the US). Cyber security also ranks as companies’ major environmental, social and governance (ESG) concern with respondents acknowledging the need to build resilience and plan for future outages or face the growing consequences from regulators, investors and other stakeholders.

“Ransomware has become a big business for cyber criminals, who are refining their tactics, lowering the barriers to entry for as little as a $40 subscription and little technological knowledge. The commercialization of cybercrime makes it easier to exploit vulnerabilities on a massive scale. We will see more attacks against technology supply chains and critical infrastructure,” explains Scott Sayce, Global Head of Cyber at AGCS.