A look at—and response to—the
emerging risks that could dominate 2025
By Lori Widmer
This year will be the year of cyber exposure. That according to the 2025 Allianz Risk Barometer, which surveys global customers as well as brokers, trade organizations, underwriters, claims professionals, and risk consultants.
For the first time ever, in 2025 cyber incidents were ranked the most important business risks. The report shows a two-point increase over 2024 in the number of global businesses that rank it their top exposure.
Yet what stands out this year is that nothing is a stand-alone risk anymore. Cyber risks are bleeding into any number of business areas. Because businesses are so dependent on technology to operate, where there is technology, there is cyber risk.
Cyber issues are now seen across nearly every area of the enterprise. One cyber incident could impact business interruption (#2 on the list), legislative and regulatory risk (#4), and market development (#8). The influx of new technologies (#10), particularly those employing AI, are intensifying the scope of cyber risk.
The underlying message, says Thomas Varney, is that any cyber event can create a domino effect of exposures. “There is this interconnectivity across the board,” says Varney, regional manager, North America, for Allianz Commercial. “It’s not that each of these risks sit by themselves in a silo. There are aspects of these risks that if something happens, it probably impacts other areas. For example, natural catastrophe and climate change.”
The rise of cyber risk
It’s a far cry from two years ago, when the biggest risk companies faced was finding employees in an atmosphere of ongoing worker shortages, says Varney. Still, the effects of the pandemic and more people working remotely or in hybrid environments has brought cybersecurity to the forefront for many organizations, he says. That’s when company equipment was being used at home in potentially unsecure situations—a necessity of the times.
Another factor that is creating increased cyber awareness is the ongoing and increasing instances of spoofing and phishing attempts. According to Cisco’s CISO report, 96% of chief information security officers surveyed say their organizations fell victim to a ransomware attack in 2024. Of those, 83% paid the ransom, and 52% experienced an attack that significantly impacted business systems and operations.
The increased activity, Varney believes, stems from two areas, the first being the routine transfer of data between operations and organizations. “Where data is being transitioned or moved, that creates a possible situation.” He sees as another large loss driver the legal ramifications revolving around personal data handling.
Even amid increased data storage and movement, Varney says companywide awareness and training can make a big difference. An employee clicking on a link or giving access without vetting the source is preventable. Companies should be “making sure that employees are trained and aware” of the potential for breach.
This potential vastly increases as companies adopt the latest technologies. Each new technology comes with its own set of risks, and Varney says that organizations should be aware of what those risks are and how they can best address them. “The first question should be, ‘Do I have a risk?’ and then, ‘What do I do with that risk and how do I address it within my business as we go forward?’”
A regulatory Wild West
One risk area that may be a bit more difficult to address is the regulatory and legislative arena. According to the Allianz Risk Barometer, sweeping changes in trade wars or deregulation could create a risk of a “regulatory Wild West.” Everything from cryptocurrencies to artificial intelligence could see increased risk of money laundering and financial crime, says the report. As for AI, the report cautions against the spread of fake news and the potential development and application of AI “without guardrails.”
“There is this interconnectivity across the board. … There are aspects of these risks that,
if something happens, it probably impacts other areas. For example, natural catastrophe and climate change.”
—Thomas Varney
Regional Manager, North America
Allianz Commercial
Equally concerning is the implementation of tariffs. “The effect will be pretty much the same as with (over)regulation: ramping up costs for all companies affected,” according to the report. As the current administration has signaled placing tariffs on foreign goods from some countries, U.S.-based organizations are bracing for the impact.
Varney suggests that organizations examine each regulation closely and work toward a more basic understanding of how it applies to the business. “What is the regulation trying to control? How can we administer that better? How can we make it easier for people to comply with what needs to happen [in order to be compliant]?”
This is where smaller and mid-sized organizations may need outside help. They’re the entities who, Varney says, do not have the resources to employ someone to focus solely on regulatory compliance.
Learning to serve
That person may well be the insurance agent or broker, says Varney. Yet in an atmosphere of rapid change, many agents and brokers—as well as insurers themselves—may find themselves out of the loop. “A lot of these things are new,” Varney says of today’s risks. “They’re new to us, as well. Ten years ago, cyber wasn’t even on anyone’s radar.”
He advises agents, brokers and the insurance industry as a whole to review risks in detail. “What are the things that we need to do? Obviously, the insurance industry does cyber underwriting. It’s one area where we need to evolve. And, I believe, it’s really around how we can better communicate, how can we offer training and guidance where needed and help businesses do what they need to do.”
That starts by addressing the learning curve within. “We as insurers and brokers, as well, need to look at what are the real needs of the insurance product, of the insurance services. What are the ways we can help businesses better understand what their risks are? How can we better educate? We’re not there to tell them how to do their business, but how can they do it safer? What do they need to think about?”
Varney says that open communication on what the client’s needs are is a start. From there, agents, brokers, and insurers can work toward making sure that the product offerings and the services are ones that will be impactful to those needs. “The reality is that these risks change. We as insurance carriers have to change, as well. We have to address what those concerns are and how to address them going forward.”
Agents and brokers, he says, can help clients look at their business and identify the changes. As they look at the aspects of the business that are changing, Varney says, their agent or broker can prompt them to delve deeper: “Does that impact other areas? What can I do? Whom could I ask?”
He advises that often, an outside expert might be the best resource. Savvy agents and brokers will be able to help their clients find those experts.
Building defenses with partnerships
Having experts on hand now for the risks that many organizations are concerned about makes sense. “Technology will continue to evolve,” Varney says. “It’s going at a rapid pace. Start now with open communication.”
That means getting into honest, frank discussions with clients about how changes—any changes—can impact various areas of the business. “If they don’t know the risk, then they’re making a decision with unknown consequences.”
Such open communication can position agents and brokers to offer sound solutions for their clients and can earn client trust by sharing and being that trusted advisor. “How do we support you as a business. How do we support you as a broker with your clients going forward? That’s the key.”
For more information:
Allianz Commercial
commercial.allianz.com
The author
Lori Widmer is a Philadelphia-based writer and editor who specializes in insurance and risk management.
