U.S. small and medium-sized businesses (SMBs) are increasingly vulnerable to cyberattacks, a trend that may lead more of these companies to purchase cyber insurance in the foreseeable future, according to a report from the Insurance Information Institute (III).
Key findings from III's "Small Business and Cyber Insurance" report included:
- 55 percent of U.S. SMBs experienced a cyberattack over the last year. In addition, 50 percent suffered a data breach during this time frame.
- Nearly 40 percent experienced a ransomware attack in the last year. Among these businesses, more than one-third lost revenue.
- 14 percent rated their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective.
As SMBs become more aware of their exposure to cyber threats, many of these companies likely will purchase cyber insurance in the years to come, III indicated.
SMB Cyber Insurance: Here's What You Need to Know
Large companies are more likely than SMBs to purchase cyber insurance, according to III. However, cyber insurance is quickly becoming a must-have for businesses of all sizes.
III pointed out that SMBs can receive the following types of cyber insurance coverage:
- Computer Attack: Protects a business against the costs associated with damage to data and systems caused by a computer attack.
- Cyber Extortion: Helps a business cover the costs to settle an "extortion" attempt against its network.
- Data Breach Response and Liability: Offers protection against the costs and legal liability related to a data breach.
- Funds Transfer Fraud: Safeguards a business against losses from the transfer of funds due to fraudulent instructions from a person who claimed to be a vendor, client or authorized employee.
- Media Liability: Covers the defense costs and damages for copyright infringement and negligent publication of media claims for companies that publish online content.
- Network Security Liability: Provides defense and liability coverage against third-party lawsuits that allege damage due to inadequate network security.
Cyber insurance endorsements and packages are available that account for the security needs of SMBs in a variety of industries, III stated. These endorsements and packages help insurers tailor their cyber coverage offerings to SMBs around the globe.
The Future of SMB Cyber Insurance
Insurance Services Office (ISO), a subsidiary of Verisk Analytics, has developed a cyber product that offers protection to SMBs with up to $250 million in annual revenue, III indicated. The product helps protect SMBs if they uncover a cyber incident, even if the incident occurred before the policy went into effect.
Meanwhile, the global cyber insurance market is expected to grow at a compound annual growth rate (CAGR) of nearly 28 percent between 2016 and 2022, market research firm Allied Market Research said in a prepared statement. Allied also has projected this sector could be worth $14 billion by 2022.
As the global demand for cyber insurance increases, insurance companies may bolster their cyber coverage for SMBs, III noted. As a result, insurers will make it easier than ever before for SMBs to purchase cyber insurance to supplement their cybersecurity strategies and technologies.
"Insurance has an important role to play in mitigating some of the costs that arise from breaches and attacks," III wrote in its report. "At the same time, SMBs need to embrace the many loss prevention tools and services now available as they look to build cyber resilience."