cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Cyber attacks to one day become ‘uninsurable’

CEO of Zurich Insurance Group Mario Greco has issued a warning that cyber attacks will one day become “uninsurable”.

user icon Daniel Croft
Wed, 04 Jan 2023
Cyber attacks to one day become ‘uninsurable’
expand image

Insurance executives have been stating that natural catastrophes such as global pandemics and climate change will become uninsurable, but Mario Greco instead has said that “What will become uninsurable is going to be cyber.”

During an interview with the Financial Times, Greco declared that the rising disruption caused by bad actors and cyber attacks will one day mean they will be too much to insure.

“What if someone takes control of vital parts of our infrastructure, the consequences of that?


“There must be a perception that this is not just data … this is about civilisation. These people can severely disrupt our lives.”

Recent cyber attacks have seen health institutions, energy providers, banks and other core societal infrastructure brought to its knees, bringing the risk of cyber crime to the forefront of many people’s minds.

While this has led to companies looking to bolster their cyber security practices and upping insurance, Greco has warned that the private sector can only do so much.

Cyber insurance premiums are reflecting this, with an increase of 28 per cent from Q4 2021 to Q1 2022, according to The Council of Insurance Agents & Brokers.

Greco’s comment about the uninsurability of cyber comes as Zurich reached a settlement with the world’s largest snack company, Mondelez International.

The company whose largest brands include Cadbury and Oreo took Zurich to court in a US$100 million lawsuit after it was refused its cyber claims after the 2017 NotPetya attacks.

Zurich argued that the attack was state sponsored by Russia, and thus fell under a war exemption.

Greco did, however, show his support for the US government discouraging companies from paying ransom.

“If you curb the payment of ransoms, there will be fewer attacks,” he said.

Discouraging ransom payments is a step the Australian government has taken with local businesses, after it praised Medibank for not paying out the $15.6 million ransom requested by the hackers.

In addition, the government passed legislation that increases the civil penalty for serious breaches from $2.2 million to whatever is the most of:

  • $50 million;
  • 30 per cent of adjusted turnover for the period;
  • three times the financial gain from the misuse of data in the case of outstandingly shocking breaches.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.