Cyber Insurance: Common Claims and Statistics
Sunday, April 30, 2023
As cyberattacks continue to grow in frequency and sophistication, it’s more important than ever to protect your business finances from costly cyber-related incidents. In fact, if your company uses the internet to operate in any capacity, it may be time to get cyber security insurance. In this article, we’ll explore the most common cyber insurance claims and the statistics behind them.
Data Breaches: The Most Common Claim
A Willis Towers Watson report found that between 2013 and 2019, 73% of cyber insurance claims were due to data breaches and the costs associated with the incident response. In case that number doesn’t quite register, here is another way to think of it: it is very likely that your business will at some point have a data breach — if it hasn’t already.
According to IBM, around 83% of businesses experience one or more data breaches over the course of their operation. Shockingly, Astra reports that 90% of healthcare institutions have experienced at least one security data breach in the previous few years!!
But the healthcare industry and large corporations are not the only ones at risk. According to Cyphere, a whopping 56% of cybersecurity claims originated from companies with less than $25 million in revenue in 2022 with an average claim of $345,000.
The Cost of a Data Breach
Data breaches also have extremely high costs associated with them. IBM reported that the average cost of a data breach for businesses is $4.35 million annually worldwide. In the United States, this number is closer to $9.44 million! This cost includes expenses such as notification and credit monitoring for affected customers, legal fees, and fines imposed by regulatory agencies.
The top 5 causes of a data breach and associated costs, according to IBM, are:
- Phishing – $4.91 million
- Business email compromise – $4.89 million
- Vulnerability in third-party-software – $4.55 million
- Stolen or compromised credentials – $4.50 million
- Malicious insider – $4.18 million
How Much Does Data Breach Insurance Cost?
Data breach insurance is a special type of cyber insurance that specifically covers the costs associated with a data breach. The cost of data breach insurance varies depending on the size of the business and the amount of coverage needed. Small businesses can expect to pay around $50 on average if the policy is added to their general liability policy. If added as a standalone policy, it may be closer to $150 a month.
Due to the high costs associated with a data breach incident, small businesses should consider a data breach insurance policy. Close to 60% of small businesses close within 6 months of a cyber attack.
Depending on the specifics of your data breach insurance policy, it may help pay to:
- Notify those who were affected by the breach
- Manage public relations
- Provide credit monitoring to victims
- Replace lost income
- Cover claims from a breach before your policy began
- Provide some level of protection from ransoms related to stolen data
A Cyber Insurance Claim on the Rise: Ransomware Attacks
Ransomware attacks — a type of malware that encrypts a victim’s files and demands a ransom in exchange for the decryption key — are another common cyber insurance claim.
According to Astra, almost 240 million ransomware attacks occurred worldwide in just the first 6 months of 2022. To put that into perspective, that’s 1.7 million ransomware attacks every day — about 20 attacks every second! Attacks are expected to cost businesses $265 billion by 2031.
Cyber Liability Insurance
Ransomware attacks are generally protected under cyber liability insurance rather than a standalone ransomware insurance policy. A liability policy covers the costs associated with a ransomware attack and also provides coverage for a number of other online activities.
Depending on your specific policy, cyber liability insurance could provide some degree of coverage for:
- Ransomware attacks/cyber extortion
- Expenses due to litigation
- Investigations
- Regulatory defense expenses/fines
- Fees for crisis management
- Business interruption
The cost of cyber liability insurance varies depending on the level of coverage and the size of the business. Small businesses can expect to pay less than $2,000 a year, while the cost for larger businesses can be much higher.
Other Cyber Insurance Claims & Coverage
In addition to data breaches and ransomware attacks, cyber insurance coverage can include other types of cyber-related incidents, such as:
- Stolen funds
- Problems as a result of human error
- Phishing
- Damaged digital assets
- Malware/viruses
- Impersonation
- Rogue employees
- DDoS attack
- Unauthorized access
- Misleading communications
The Importance of Strong Cybersecurity Measures
While cyber insurance can provide valuable protection for businesses, it’s important to note that it’s not a substitute for strong cybersecurity measures. Cybersecurity insurance should be viewed as a part of a comprehensive cybersecurity strategy, which includes measures such as employee training, regular software updates, and strong passwords. Without these measures, businesses may be at a higher risk of cyberattacks, which can lead to higher insurance premiums and more frequent claims.
Cyber insurance is an important tool for businesses to protect themselves from the financial costs of cyberattacks and other cyber-related incidents. If you think you may need cyber insurance, contact your trusted team at Independent Insurance Associates. We’re here to support you!