As cyberattacks increasingly target industrial systems, manufacturers in Asia Pacific face a growing protection gap from cyber-physical damage, according to a recent report from specialist insurer Tokio Marine Kiln (TMK).
In 2024, the Asia-Pacific region will become the main target of global cyber incidents, accounting for approximately one-third of all global cases and growing by 13% year-on-year.
Manufacturing is the most attacked industry in the region, with system intrusion attacks in this industry having surged from 38% to nearly 80%.
This increase in activity exposes a critical vulnerability in that traditional insurance structures may not respond as intended when cyber incidents impact physical operations.
Cyber policies typically do not cover physical damage, while property policies do not cover cyber-related perils; creating a potential coverage gap in the event of cyber physical damage and resulting business interruption.
TMK’s underwriting data also reveals gaps between insurance purchasing trends and underlying risks. While large regional businesses purchase multimillion-dollar property plans for industrial assets, they are often uninsured for cyberattack losses.
Industries such as manufacturing, logistics, healthcare, utilities, and power generation operations are among the most affected, primarily because of their reliance on interconnected systems and operational technologies.
Highly integrated production networks mean disruption at one location can have wider regional and global consequences, the report said.
Georgie Furness-Smith, cyber underwriter at TMK Asia, said: “As operational technology becomes increasingly integrated with IT systems, cyberattacks are increasingly targeting systems that control industrial activity, increasing the likelihood of physical operational disruption affecting machinery, facilities and production processes.
“One of the reasons this risk is under-insured is that it has not yet translated into large visible losses, so it is not always a priority for buyers. However, the potential risk is increasing. We are seeing more and more attacks targeting systems that control industrial operations, and the way these risks are assessed and insured is still largely based on traditional IT risks.”
She concluded: “Securing cyber physical compromise risks requires a different level of understanding – not just of cybersecurity, but of how industrial systems perform under stress. This is where the gap between exposure and protection becomes most apparent.”
TMK said the likelihood of cyber incidents impacting physical processes is likely to increase, driven primarily by growth in automation, industrial connectivity and artificial intelligence-driven systems.
The company said that while specialist insurance solutions are starting to emerge, their role is still limited, with TMK being one of the few insurers offering active cover designed to address cyber-induced physical damage and resulting business disruption.
