Average Data Breach CostsBI Intelligence
Companies are more worried than ever about the looming threat of hackers penetrating their networks. In the last year, the number of records exposed in data breaches rose 97%, according to the Identity Theft Resource Center.
The frequency and sophistication of cyber attacks are at an all-time high, and the costs associated with data breaches continue to rise. While companies are investing more in cybersecurity to ward off attacks, they know they won’t be able to spend their way to absolute security. A cybersecurity team of more than 1,000 staffers with a budget of $250 million wasn’t enough to save JPMorgan Chase from getting hacked in 2014. As a result, companies are turning to cyber insurance to help mitigate the costs of a potential breach.
However, insurers have been slow to extend cyber insurance to many businesses, as they have yet to develop proven tools to help them assess the risks and costs associated with cyber attacks. Cyber insurance policies also often have high premiums and low coverage limits to help protect insurers from incurring too much exposure to a cyber attack.
Here are some key takeaways from the report: 
  • Cyber insurance plans cover a variety of costs related to cyber attacks, including revenue lost from downtime, notifying customers impacted by a data breach, and providing identity theft protection for such customers.
  • Annual cyber insurance premiums will more than double over the next four years, growing from to ~$8 billion in 2020.
  • However, many insurance companies have been hesitant to offer cyber insurance because of the high frequency of cyber attacks and their steep costs. For example, Target’s notorious data breach cost the company more than $260 million.
  • Insurers also don’t have enough historical data about cyber attacks to help them fully understand their risks and exposures.
  • There are large underserved markets with very low cyber insurance adoption rates such as the manufacturing sector, where less than 5% of businesses have cyber insurance coverage.