top of page
Image by Christian Wiediger


cybersecurity insurance

What is Cybersecurity Insurance (cybersecurity liability insurance)?

Cyber Insurance Claims Statistics

Cyber insurance covers a wide variety of cyberattacks, but statistics show that most cyber insurance claims from businesses relate to breaches. A 2020 study showed that 73 percent of insurance claims between 2013 and 2019 fell under the insuring clause of incident response and crisis management of breaches. Data privacy liability, cyber extortion, network business interruptions, and recovery and restoration of data assets were the five most common cyber insurance claims.7


The same study found that data breaches were also the most frequently reported loss events — that is, cyber incidents that caused companies to lose money. Breaches also caused the largest amount of losses, followed by business interruptions, ransomware, DDoS attacks, and social engineering fraud.

Familiarity and Experience with Cyber Insurance

We asked U.S. adults about their familiarity with cyber insurance, whether they have used it, and if not, why.

  • 66 percent of U.S. adults are familiar with cyber insurance in general. Of those who have experienced cyber crime, 59 percent are somewhat to very familiar with cyber crime, compared to 35 percent of those who haven’t experienced cyber crime.

  • For those who have not bought cyber insurance, the main reason they don’t have policies currently is needing to do more research at 40 percent. The second most common reason is thinking that it costs too much at 34 percent.

  • 43 percent of U.S. adults think that annual premiums for personal cyber insurance policies of up to $25,000 of coverage cost under $100. Only seven percent believed that number to be above $200.

Data Breach Insights

Seeing that data breaches are the most common cyber-related problems of businesses today, we think it’s only appropriate to look deeper into the issue.

What Is a Cybersecurity Breach?


A cybersecurity breach is any incident in which an unauthorized third party gains access to computer data, networks, devices, or applications. For businesses, cybersecurity breaches can have these serious consequences, to name a few:

  • Leaks of customers’ personally identifiable information (PII) that can lead to identity theft

  • Financial losses due to legal actions, liabilities, incident response, etc.

  • Business interruption

  • Damage to reputation and loss of customers

  • Loss of intellectual property

  • Vandalism of websites

  • Ransoms (e.g., when the attacker threatens to leak or destroy company data unless the business pays a ransom)


Did You Know: If a company you do business with experiences a breach, see if the breach leaked or affected your personal data in any way. Change your passwords and update your email security features right away.

What is Cybersecurity Insurance (cybersecurity liability insurance)?

Causes of Data Breaches

Cybersecurity breaches are often a result of cyberattacks, but Verizon’s 2020 Data Breach Investigations Report shows that’s not always the case. The report found that these were the top causes of data breaches in 2020:

  • Hacking: Hackings allowed unauthorized entities to access and steal data by defeating businesses’ cybersecurity measures.

  • Errors: The specific nature of the errors varied, including weak employee passwords and system failures that allowed access to unauthorized third parties.


  • Social attacks: Social attacks included phishing scams as well as the more advanced spear-phishing scams that target one individual, business, or organization in particular.

  • Malware: Actors of breaches used malware to install backdoor access to company data.

  • Misuse by authorized users: Some breaches resulted from insiders with authorized access deliberately abusing their companies’ systems for financial or personal gain.

  • Physical actors: Physical actors who stole devices that held sensitive data also caused a significant number of breaches.8


Note from our Experts: Business cyber insurance doesn’t always cover social engineering attacks, such as phishing and spear-phishing, even though these are the third most common cause of breaches. Sometimes, this protection is available as an add-on.

Data Breaches and Small Businesses


  • Data breaches mostly target large enterprises, because cybercriminals stand to gain more from companies that have more data assets than smaller businesses. However, that doesn’t mean small businesses are safe from data breaches.

  • Data breaches in large companies: 72 percent of data breaches affected large companies in 2020, according to Verizon’s report.

  • Data breaches in small businesses: The remaining 28 percent of breaches targeted small businesses.

Data Breach Statistics: Cost, Frequency, Severity

Data breaches are undoubtedly a huge problem for large enterprises and small businesses alike, but how huge, exactly?

  • Cost of breaches globally: On average, data breaches cost companies $3.86 million.

  • Cost of breaches in the U.S.: The U.S. is the most expensive country for data breaches. The average cost of a data breach in the U.S. was $8.64 million in 2020.

  • Other consequences of breaches: Breaches also decrease productivity and disrupt workflows. It took companies 280 days on average to identify and resolve data breaches.9


As for the frequency and severity of data breaches, here’s what we found out:

  • Fewer publicly reported breaches: There were 3,932 publicly reported breach incidents in 2020, which is 48 percent lower than in 2019. However, that doesn’t mean the number of breaches actually declined. According to our source, disruptions at certain governmental sources, delays in reporting, and declining media coverage all contributed to the decrease in publicly reported breaches in 2020.


  • More exposed records: While 1,932 (49 percent) of the publicly reported breaches didn’t expose any records, breaches in 2020 still reached a record-breaking number of exposed records — over 37 billion.

In sum, while there were fewer publicly reported breach incidents in 2020 than in the previous year, the severity of those breaches increased.10

Benefits of Cyber Insurance

It’s clear that cyberthreats like data breaches are here to stay, and so is cyber insurance. Here are some of its top benefits.

For Individuals

  • Financial loss reimbursement: Cyber insurance will reimburse your losses that are direct results of cyberattacks like ransomware, identity theft, and fraud.

  • Identity theft protection: Criminals can use information from breaches to commit identity theft and fraud. While cyber insurance can’t stop breaches from happening, it can help you retrieve stolen data and prevent its use in future identity theft.

  • Recovery from cyberattacks: Unlike identity theft insurance, which only helps you recover from identity theft, cyber insurance helps individuals recover from a wide variety of cyberattacks, including cyberbullying. Some cyber insurance policies cover reimbursements for lost wages, legal fees, or private tutoring fees that are results of cyberbullying.

For Businesses


  • Legal fees coverage: Legal fees resulting from cyberattacks such as data breaches can pile up quickly. If your business has cyber insurance coverage, you will receive some help covering those fees. The maximum coverage amounts of cyber insurance providers range far and wide, from $1 million to $100 million per claim.

  • Recovery from a breach: Cyber insurance can help you deal with breaches, from helping you issue state-mandated customer notifications to recovering compromised data.

  • Online vandalism recovery: Cyber insurance can assist in your business’s recovery if you experience cyber vandalism. Insurance providers can reimburse you for lost funds, such as a loss of productivity and customers.


Protecting Businesses From Cyberattacks

While cyber insurance will cover your losses from cyberattacks, wouldn’t it be better if you weren’t attacked at all? Here are a few digital security tips to protect yourself and your business from cyber risks like data security breaches:

  • Invest in good antivirus software. Antivirus software can prevent cyberattacks that involve malware, so it’s important to invest in the best business antivirus solutions.

  • Invest in a good VPN. Similarly, VPNs can protect you from hackers and DDoS attacks, so investing in one of the best VPNs for businesses is also crucial.

  • Build a firewall. Firewalls can prevent and detect cyberattacks coming from outside of or within your company. Activating your company emails’ spam filters can also prevent phishing scams.

  • Encrypt your data. Encrypting your data is another effective way to protect your business from cyberattacks, especially if you have remote workers. Encryption prevents anyone besides authorized individuals from accessing company files.

  • Encourage good password hygiene among employees. While you can’t control how every employee handles their digital security, you can encourage them to practice good password hygiene, especially on their workplace accounts.

  • Use two-factor authentication on company computers. Multifactor authentication uses biometrics to verify the identities of employees logging on to their computers, ensuring no one besides authorized users can access your system.


bottom of page