Geopolitical risk, climate and supply chain failure are other major concerns for UK risk managers

Cyber threats are considered worse in 2022 than they were last year and the greatest risk for business. Nearly 80% of risk managers polled by Airmic said cyber was the threat most likely to keep them awake at night.

Meanwhile geopolitical risk, climate and net zero transition and supply chain failure were ranked in joint second place.

Set against a backdrop of an increasing frequency of ransomware attacks, rising rates and shrinking capacity for cyber insurance and geopolitical threats, it is no surprise that cyber continues to dominate the survey, having previously topped the 2021 and 2020 rankings.

Speaking at a press briefing on Day One of the Airmic 2022 conference in Liverpool, the risk association’s CEO Julia Graham said that many Airmic members were being expected to do more to counter cyber threats, but without the requisite boost in resources.

Nevertheless, UK corporates are improving their use of technology and systems to respond, and she questioned whether the increase in ransomware frequency was – in part - down to an increase in detection rates.

Ukraine spells uncertainty

Although the sustained and disruptive nature of cyber risks more broadly is likely partly to blame for risk professionals’ increased concern, found the research, it likely also reflects growing unease over cyber threats and risks triggered by the situation in Ukraine.

The conflict has broadened the geographical focus of some ransomware groups, which are now increasingly targeting organisations in jurisdictions perceived as leading the punitive response against Russia.

Hoe-Yeong Loke, head of research at Airmic, noted that disease and pandemic had dropped out of the top ten risks for 2022.

He thought this was a sign that companies had “embedded the right lessons from COVID-19”, with the ongoing conflict in Ukraine now top of mind for the risk management community.

“The war going on in Ukraine is of global and long-term importance to the gathering storm,” he said. “Companies need to invest in risk intelligence and constantly run ‘what-if’ scenarios.”

“Risk professionals are at the forefront as we steer through the storm. We need to be agile and ready to adapt.”

The survey showed that Environmental, Social, and Governance (ESG) strategy is a board-level priority for companies across all industries, with 72% of respondents now having a dedicated ESG team. But juggling short-term pressure to progress for COP27’s adaptation, alongside longterm aims such as embedding ESG into organisations’ DNA, means ESG is both a sprint and a marathon.

Over 50% of respondents expressed reputational damage as the chief concern about climate change and 54% of respondents believe that insurers should provide a set of key performance indicators (KPIs) relating to climate/ESG.