CyberCube and Munich Re: Joint experts publish report to advance the insurance industry's understanding of systemic cyber risks
The survey gathered insights from 93 seasoned cybersecurity professionals. The results provide a nuanced view of how systemic cyber events might unfold and of the factors that drive wide variation in risk exposure across firms:
Widespread Malware Risk
According to the majority of responding experts, a severe malware event could infect a quarter of all systems worldwide, but they agreed in that case only 15% may be fully compromised. Experts do not see an event where more than 50% of the world's systems are completely compromised. Based on the experts' judgement, another event on the scale of WannaCry and NotPetya would not be seen as surprising. Patch management, network segmentation, and data backups are identified as the most effective mitigations that organizations have against widespread malware attacks. When done effectively, such mitigations can reduce the chance of being affected by a widespread malware attack by 50% to 80% and reduce the financial impacts from such an event by a similar amount.
Cloud Risk
Cybersecurity experts expect broad cloud outages to last hours to days; outages beyond 72 hours are considered unlikely but not impossible. Findings show at least a medium level of dependency on cloud services across most industries with companies' business-critical operations increasingly reliant on them. Reliance tends to decrease with increasing company size. Financial losses scale with cloud outage duration: Respondents reported that a single-day outage of their most critical Cloud Service Provider (CSP) would likely result in a financial loss equal to 1% of their yearly revenue. Variation in losses reflect differences in dependency on the cloud, based on an organization's size, sector, and contingency planning.
The most effective mitigation against cloud outages is to establish a multi-region architecture with the CSPs used for critical business applications. Having multiple CSPs was not found to be effective; the option to transfer service from one CSP to another during an outage was seen as unfeasible. Cyber Experts surveyed rate Azure, AWS and Google as the best prepared to mitigate against a major cloud outage and to recover from such an event.
Emerging and Systemic Risks
Experts believe that new technologies will begin to affect the threat landscape at about the same pace that they are being adopted in cybersecurity practices. According to cybersecurity experts, in the near term Industrial and Consumer Internet of Things (IoT) devices pose the biggest concern. Large Language Models (LLMs) are regarded as having an impact now while Artificial General Intelligence (AGI) is seen as a greater concern in five or more years.
A fundamental challenge in cyber risk modeling is the deficiency of concrete tail-risk events, such as systemic malware or multi-region cloud outages. The joint survey represents the best attempt to parameterize plausible worst-case scenarios and establish expert consensus. Its objective was to advance market understanding, particularly concerning risk mitigation strategies for systemic cyber events. The results add credibility to CyberCube's model forecasts and further improve Munich Re's internal model and accumulation risk understanding.
Jon Laux, Vice President of Analytics at CyberCube, said: "By sharing the findings of our study on systemic cyber risks, we aim to provide a more nuanced view of how systemic cyber events might unfold and the factors that drive wide variation in risk exposure across firms.'
Stephan Brunner, Senior Cyber Actuary at Munich Re, said: 'Our ambition is to improve the understanding of possible extreme malware and cloud events alongside the effectiveness of mitigation measures by sharing the insights of our study. In collaboration, Munich Re aims to further strengthen expertise on systemic cyber risks and advance cyber accumulation modeling."
The research has contributed to a more refined understanding of the relative resiliency of organizations to systemic events and the key variables that influence an organization's ability to withstand such incidents. These findings represent an important input into CyberCube's and Munich Re's evolving view of cyber risk and help inform ongoing enhancements to their modeling approach. CyberCube has incorporated these insights into Version 6 of its risk aggregation platform, Portfolio Manager. Modeling cyber accumulation is a joint effort across the entire insurance industry. For this reason, the key findings of the survey are being published to foster dialogue in the market. This study is the third of its kind, CyberCube and Munich Re plan to conduct another study in 2026. Interested cybersecurity experts are invited to participate.
Read the report summarising the full study here – Key insights into systemic cyber risk
CyberCube is the leading provider of software-as-a-service cyber risk analytics to quantify cyber risk in financial terms. Driven by data and informed by insight, we have harnessed the power of artificial intelligence to supplement our multi-disciplinary team. Our clients rely on our solutions to make informed decisions about managing and transferring cyber risks. We unpack complex cyber threats into clear, actionable strategies, translating cyber risk into financial impact on businesses, markets, and society as a whole.
T he CyberCube platform was established in 2015 within Symantec and now operates as a standalone company. Our models are built on an unparalleled ecosystem of data and validated by extensive model calibration, internally and externally. CyberCube is the leader in cyber risk quantification for the insurance industry, serving over 100 insurance institutions globally. The company's investors include Forgepoint Capital, HSCM Bermuda and Morgan Stanley Tactical Value. For more information, please visit www.cybcube.com or email info@cybcube.com.
Munich Re is one of the world's leading providers of reinsurance, primary insurance and insurance-related risk solutions. Munich Re is globally active and operates in all lines of the insurance business. Since it was founded in 1880, Munich Re has been known for its unrivalled risk-related expertise and its sound financial position. Munich Re leverages its strengths to promote its clients' business interests and technological progress. Moreover, Munich Re develops covers for new risks such as rocket launches, renewable energies, cyber risks and artificial intelligence. In the 2024 financial year, Munich Re generated insurance revenue of €60.8bn and a net result of €5.7bn. The Munich Re Group employed about 44,000 people worldwide as at 31 December 2024. For more information, please visit www.munichre.com.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Wire
35 minutes ago
- Business Wire
flyExclusive Achieves ARGUS Platinum Safety Rating
KINSTON, N.C.--(BUSINESS WIRE)--flyExclusive, Inc. (NYSEAMERICAN: FLYX) ('flyExclusive' or the 'Company'), a leading provider of premium private jet experiences, today announced it has once again earned the prestigious ARGUS Platinum rating—one of the highest recognitions in private aviation—reinforcing the company's unwavering commitment to safety, reliability and procedural excellence across its operations. flyExclusive has satisfied ARGUS rating requirements every year since 2015, completing all required audits over that period. flyExclusive's retained Platinum status confirms the company's top tier safety protocols across its Safety Management System, Emergency Response Plan, organizational controls, operating procedures, training and maintenance programs. 'At flyExclusive, safety isn't just our top priority — it's the foundation of how we operate,' said Matthew Lesmeister, Chief Operating Officer. 'Our top tier safety certifications through ARGUS, Wyvern, and IS-BAO, reflect our relentless commitment to a culture of safety, risk management, and operational excellence across every part of the business — for our customers, our crews, and our entire team.' The ARGUS Platinum safety certification is awarded by ARGUS International after a comprehensive evaluation of safety culture, risk management, and regulatory compliance. About flyExclusive flyExclusive is a vertically integrated, FAA-certificated air carrier providing private jet experiences by offering customers a choice of on-demand charter, Jet Club, and fractional ownership services to destinations across the globe. flyExclusive has one of the world's largest fleets of Cessna Citation aircraft, and it operates a combined total of approximately 100 jets, ranging from light to large cabin sizes. The company manages all aspects of the customer experience, ensuring that every flight is on a modern, comfortable, and safe aircraft. flyExclusive's in-house repair station, aircraft paint, cabin interior renovation, and avionics installation capabilities, are all provided from its campus headquarters in Kinston, North Carolina. To learn more, visit
Yahoo
an hour ago
- Yahoo
PAX Launches in Phoenix-Metro Area as First Rideshare App Providing Private Driver-Level Service
PAX offers scheduled rides with carefully vetted professional drivers, delivering a personal, elevated and connected experience PHOENIX, July 15, 2025--(BUSINESS WIRE)--A new option is now available for residents and visitors who want more from their rideshare. PAX is the state's first and only premium app-based service offering a private driver experience to riders in the Phoenix metro area. At a time when traditional rideshare options have become associated with unpredictability, PAX offers a more upscale, comfortable and consistent alternative – without the hefty cost or commitment of hiring a private driver. Through the PAX app, riders can schedule pickups in advance without added fees, browse detailed profiles to hand-select their preferred driver and enjoy a high-end, personalized ride experience. "Riders today are often forced to compromise their feeling of safety for the sake of availability," said PAX President Daniel Sidler. "PAX is designed for people who want more control and peace of mind; people who value a more comfortable ride with a driver they actually know and trust. Whether you need frequent airport trips or just want a stress-free night out, PAX adds class, consistency and service into every experience." Each PAX driver is carefully vetted and held to higher standards for presentation, communication and service. Riders can pick their driver based on vehicle, style and previous experience, as well as create a relationship for future rides. The result is less last-minute stress and fewer surprises. "Simply put, PAX gives riders the peace of mind that comes from total control over the rides they take," Sidler said. "A personal driver on your schedule ensures your experience is exactly what fits your needs. For some, that's a small talk-free, peaceful ride to get through work emails or decompress after a long day. For others, it's a social experience – talking about Valley favorites and getting to know each other. Either way, trust remains at the core." Download the PAX Rider app on the App Store or Google Play. New riders can enter code WELCOME20 to receive 20% off their first ride through Sept. 30, 2025. About PAX PAX is a premium rideshare service offering the experience of a private driver through the convenience of an app. Available in Arizona, PAX empowers riders to schedule rides in advance, select their preferred drivers and enjoy consistent, elevated service tailored to their needs. More at View source version on Contacts Claire ChandlerAker (480) 599-6880 Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
an hour ago
- Yahoo
Versa Recognized in 2025 Gartner® Magic Quadrant™ for SASE Platforms for Third Year in a Row
Versa is One of Only Three Vendors to be Recognized in Gartner Magic Quadrants for SD-WAN, Security Service Edge, and SASE Platforms SANTA CLARA, Calif., July 15, 2025--(BUSINESS WIRE)--Versa, the global leader in Universal Secure Access Service Edge (SASE), today announced it has been recognized in the just-released 2025 Gartner Magic Quadrant for SASE Platforms report 1, which provides evaluations of 11 converged security and networking services across multiple criteria. Versa is one of only three SASE vendors to be recognized in the Gartner Magic Quadrants for Security Service Edge2, SD-WAN3, and SASE Platforms. Traditionally considered separate domains, the merging of networking and security as an integrated service on a single SASE platform is a well-established trend, underscored by the Gartner strategic planning assumption that "By 2028, 70% of SD-WAN purchases will be part of a single-vendor SASE platform offering, up from 25% in 2025."1 For its report, Gartner considered SASE offerings that "deliver multiple converged-network and security-as-a-service capabilities, such as software-defined wide-area network (SD-WAN), secure web gateway (SWG), cloud access security broker (CASB), network firewalling and zero trust network access (ZTNA)." "We are thrilled to be recognized for a third consecutive year in the Gartner Magic Quadrant for SASE solutions," said Kelly Ahuja, Versa CEO. "Our VersaONE Universal SASE Platform is trusted by enterprises and service providers globally to simplify how they protect every edge and securely connect anything, anywhere, anytime — all powered by a modern operating system that uses AI across security, networking, and operations." With tens of thousands of customers and hundreds of thousands of sites, Versa is deployed across a broad range of industries, including financial services, retail, manufacturing, high-tech, the public sector, and healthcare. Versa addresses these organizations' most challenging security and networking use cases, including hybrid work, multi-cloud connectivity, mobile 5G and satellite networking, and securing the use of GenAI tools. A complimentary copy of the 2025 Gartner Magic Quadrant for SASE Platforms is available at ________________________________________ 1 Gartner, Magic Quadrant for SASE Platforms, Jonathan Forest, Neil MacDonald, Dale Koeppen, July 9, 2025. 2 Gartner, Magic Quadrant for Security Service Edge, Charlie Winckless, Thomas Lintemuth, Dale Koeppen, Charanpal Bhogal, May 20, 2025. 3 Gartner, Magic Quadrant for SD-WAN, Jonathan Forest, Karen Brown, Nauman Raja, September 30, 2024. GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About Versa Versa, a global leader in SASE, enables organizations to create self-protecting networks that radically simplify and automate their network and security infrastructure. Powered by AI, the VersaONE Universal SASE Platform delivers converged SSE, SD-WAN, and SD-LAN solutions that protect data and defend against cyberthreats while delivering a superior digital experience. Thousands of customers globally, with hundreds of thousands of sites and millions of users, trust Versa with their mission critical networks and security. Versa is privately held and funded by investors such as Sequoia Capital, Mayfield, and BlackRock. For more information, visit and follow Versa on LinkedIn and X (Twitter) @versanetworks. Versa Networks, VOS, the Versa logo, and Versa Titan are or may be registered trademarks of Versa Networks, Inc. View source version on Contacts Dan Spaldingdspalding@ (408) 960-9297 Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
