Cyber Insurance Statistics

Cyber insurance is a fast-growing market, and rightly so, given how cybercrime rages on. For this article, we gathered key statistics about cyber insurance to help you understand just how big of a market it is and what drives companies and individuals to get this type of insurance.

Cyber Insurance Statistics

Cyber insurance statistics cover a wide set of data about market size, claims, cybercrimes, and more, but let’s start with a general overview of the cyber insurance market.

Market Size and Predictions

Cyber insurance is already a big market, but it might grow even bigger in the future. Here’s what we know about the size of the cyber insurance industry so far:

• Market size: According to the latest available data, the global cyber insurance market was worth $7.8 billion in 2020.
• Future growth: Forecasts suggest that cyber insurance will grow into a $20 billion industry by 2025.
• Distribution: Business cyber insurance dominates the market. In 2018, 75 percent of cyber insurance premiums in the United States were for businesses. Only the remaining 25 percent, worth $500 million, were for [citation id=”1″]individuals.[/citation]

Cybercrime by the Numbers

One of the main drivers of the cyber insurance market growth is the rise in the number and severity of cybercrimes. Here are some of the most noteworthy statistics we’ve gathered about cybercrime:

• Ransomware is common (and often lucrative). In 2020, 1 in 6 businesses that fell victim to cyberattacks faced ransomware, and about half of them paid up the [citation id=”2″]ransom.[/citation]
• Cybercrime reports nearly doubled. The FBI’s Internet Crime Complaint Center (IC3) saw a 69 percent increase in the number of cybercrime reports it received in 2020 compared to 2019. On average, the FBI received 2,000 cybercrime reports per day in [citation id=”3″]2020.[/citation]
• Data breaches affect personal data. In 2020 alone, data breaches exposed over 37 billion personal records, 82 percent of which came from only five [citation id=”4″]breaches.[/citation] Data breaches affect not only companies and organizations, but also the people whose information is in the exposed records.
• Identity fraud causes serious losses. Identity fraud losses in 2020 cost its 49 million victims $56 billion in total. That breaks down to $1,100 per [citation id=”5″]victim.[/citation]
• Cyber attacks are the most common: For those that are slightly to somewhat familiar with cyber insurance, 70 percent have experienced a cyber attack, followed by identity theft at 69 percent, cyberbullying at 64 percent, and cyber extortion at 69 percent.

Cyber Insurance and the COVID-19 Pandemic

The COVID-19 pandemic also contributed to the fast growth of the cyber insurance market. The pandemic accelerated the digitalization of business operations, as it forced businesses to adopt work-from-home setups. Unfortunately, the abrupt implementation of these setups created a larger surface area for cyberattackers to exploit. These numbers from the FBI IC3 show the difference between the number of cybercrime reports it received pre-pandemic in 2019 and during the pandemic in 2020.

Additionally, Interpol reported that these types of cyberattacks have flourished amidst the pandemic:

• Phishing
• Disruptive malware such as ransomware and distributed denial-of-service (DDoS) attacks
• Data-harvesting malware like spyware
• Malicious domains containing keywords like “coronavirus” and [citation id=”6″]“COVID”[/citation]

Cyber Insurance Claims Statistics

Cyber insurance covers a wide variety of cyberattacks, but statistics show that most cyber insurance claims from businesses relate to breaches. A 2020 study showed that 73 percent of insurance claims between 2013 and 2019 fell under the insuring clause of incident response and crisis management of breaches. Data privacy liability, cyber extortion, network business interruptions, and recovery and restoration of data assets were the five most common cyber insurance [citation id=”7″]claims.[/citation]

The same study found that data breaches were also the most frequently reported loss events — that is, cyber incidents that caused companies to lose money. Breaches also caused the largest amount of losses, followed by business interruptions, ransomware, DDoS attacks, and social engineering fraud.

Familiarity and Experience with Cyber Insurance

We asked U.S. adults about their familiarity with cyber insurance, whether they have used it, and if not, why.

• 66 percent of U.S. adults are familiar with cyber insurance in general. Of those who have experienced cyber crime, 59 percent are somewhat to very familiar with cyber crime, compared to 35 percent of those who haven’t experienced cyber crime.
• For those who have not bought cyber insurance, the main reason they don’t have policies currently is needing to do more research at 40 percent. The second most common reason is thinking that it costs too much at 34 percent.
• 43 percent of U.S. adults think that annual premiums for personal cyber insurance policies of up to $25,000 of coverage cost under $100. Only seven percent believed that number to be above $200.

>> Also read: A Guide to Understanding Cyber Insurance

Data Breach Insights

Seeing that data breaches are the most common cyber-related problems of businesses today, we think it’s only appropriate to look deeper into the issue.

What Is a Cybersecurity Breach?

A cybersecurity breach is any incident in which an unauthorized third party gains access to computer data, networks, devices, or applications. For businesses, cybersecurity breaches can have these serious consequences, to name a few:

• Leaks of customers’ personally identifiable information (PII) that can lead to identity theft
• Financial losses due to legal actions, liabilities, incident response, etc.
• Business interruption
• Damage to reputation and loss of customers
• Loss of intellectual property
• Vandalism of websites
• Ransoms (e.g., when the attacker threatens to leak or destroy company data unless the business pays a ransom)

Causes of Data Breaches

Cybersecurity breaches are often a result of cyberattacks, but Verizon’s 2020 Data Breach Investigations Report shows that’s not always the case. The report found that these were the top causes of data breaches in 2020:

• Hacking: Hackings allowed unauthorized entities to access and steal data by defeating businesses’ cybersecurity measures.
• Errors: The specific nature of the errors varied, including weak employee passwords and system failures that allowed access to unauthorized third parties.
• Social attacks: Social attacks included phishing scams as well as the more advanced spear-phishing scams that target one individual, business, or organization in particular.
• Malware: Actors of breaches used malware to install backdoor access to company data.
• Misuse by authorized users: Some breaches resulted from insiders with authorized access deliberately abusing their companies’ systems for financial or personal gain.
• Physical actors: Physical actors who stole devices that held sensitive data also caused a significant number of [citation id=”8″]breaches.[/citation]

Data Breaches and Small Businesses

Data breaches mostly target large enterprises, because cybercriminals stand to gain more from companies that have more data assets than smaller businesses. However, that doesn’t mean small businesses are safe from data breaches.

• Data breaches in large companies: 72 percent of data breaches affected large companies in 2020, according to Verizon’s report.
• Data breaches in small businesses: The remaining 28 percent of breaches targeted small businesses.

Data Breach Statistics: Cost, Frequency, Severity

Data breaches are undoubtedly a huge problem for large enterprises and small businesses alike, but how huge, exactly?

• Cost of breaches globally: On average, data breaches cost companies $3.86 million.
• Cost of breaches in the U.S.: The U.S. is the most expensive country for data breaches. The average cost of a data breach in the U.S. was $8.64 million in 2020.
• Other consequences of breaches: Breaches also decrease productivity and disrupt workflows. It took companies 280 days on average to identify and resolve data [citation id=”9″]breaches.[/citation]

As for the frequency and severity of data breaches, here’s what we found out:

• Fewer publicly reported breaches: There were 3,932 publicly reported breach incidents in 2020, which is 48 percent lower than in 2019. However, that doesn’t mean the number of breaches actually declined. According to our source, disruptions at certain governmental sources, delays in reporting, and declining media coverage all contributed to the decrease in publicly reported breaches in 2020.
• More exposed records: While 1,932 (49 percent) of the publicly reported breaches didn’t expose any records, breaches in 2020 still reached a record-breaking number of exposed records — over 37 billion.

In sum, while there were fewer publicly reported breach incidents in 2020 than in the previous year, the severity of those breaches [citation id=”10″]increased.[/citation]

Benefits of Cyber Insurance

It’s clear that cyberthreats like data breaches are here to stay, and so is cyber insurance. Here are some of its top benefits.

For Individuals

• Financial loss reimbursement: Cyber insurance will reimburse your losses that are direct results of cyberattacks like ransomware, identity theft, and fraud.
• Identity theft protection: Criminals can use information from breaches to commit identity theft and fraud. While cyber insurance can’t stop breaches from happening, it can help you retrieve stolen data and prevent its use in future identity theft.
• Recovery from cyberattacks: Unlike identity theft insurance, which only helps you recover from identity theft, cyber insurance helps individuals recover from a wide variety of cyberattacks, including cyberbullying. Some cyber insurance policies cover reimbursements for lost wages, legal fees, or private tutoring fees that are results of cyberbullying.

For Businesses

• Legal fees coverage: Legal fees resulting from cyberattacks such as data breaches can pile up quickly. If your business has cyber insurance coverage, you will receive some help covering those fees. The maximum coverage amounts of cyber insurance providers range far and wide, from $1 million to $100 million per claim.
• Recovery from a breach: Cyber insurance can help you deal with breaches, from helping you issue state-mandated customer notifications to recovering compromised data.
• Online vandalism recovery: Cyber insurance can assist in your business’s recovery if you experience cyber vandalism. Insurance providers can reimburse you for lost funds, such as a loss of productivity and customers.

Protecting Businesses From Cyberattacks

While cyber insurance will cover your losses from cyberattacks, wouldn’t it be better if you weren’t attacked at all? Here are a few digital security tips to protect yourself and your business from cyber risks like data security breaches:

• Invest in good antivirus software. Antivirus software can prevent cyberattacks that involve malware, so it’s important to invest in the best business antivirus solutions.
• Invest in a good VPN. Similarly, VPNs can protect you from hackers and DDoS attacks, so investing in one of the best VPNs for businesses is also crucial.

• Build a firewall. Firewalls can prevent and detect cyberattacks coming from outside of or within your company. Activating your company emails’ spam filters can also prevent phishing scams.
• Encrypt your data. Encrypting your data is another effective way to protect your business from cyberattacks, especially if you have remote workers. Encryption prevents anyone besides authorized individuals from accessing company files.
• Encourage good password hygiene among employees. While you can’t control how every employee handles their digital security, you can encourage them to practice good password hygiene, especially on their workplace accounts.
• Use two-factor authentication on company computers. Multifactor authentication uses biometrics to verify the identities of employees logging on to their computers, ensuring no one besides authorized users can access your system.

Recap

Numbers don’t lie, and the numbers we just discussed taught us a few things about cyber insurance. One, cyber insurance is a fast-growing market. Two, the rise in cybercrime, particularly due to the COVID-19 pandemic, drives companies and individuals to get cyber insurance. Three, breaches cause the biggest problems for businesses, both large and small. Lastly, cyber insurance is beneficial in recovery from cyberattacks.