top of page
Image by Christian Wiediger


cybersecurity insurance

What is Cybersecurity Insurance (cybersecurity liability insurance)?

Causes of Data Breaches

Cybersecurity breaches are often a result of cyberattacks, but Verizon’s 2020 Data Breach Investigations Report shows that’s not always the case. The report found that these were the top causes of data breaches in 2020:

  • Hacking: Hackings allowed unauthorized entities to access and steal data by defeating businesses’ cybersecurity measures.

  • Errors: The specific nature of the errors varied, including weak employee passwords and system failures that allowed access to unauthorized third parties.


  • Social attacks: Social attacks included phishing scams as well as the more advanced spear-phishing scams that target one individual, business, or organization in particular.

  • Malware: Actors of breaches used malware to install backdoor access to company data.

  • Misuse by authorized users: Some breaches resulted from insiders with authorized access deliberately abusing their companies’ systems for financial or personal gain.

  • Physical actors: Physical actors who stole devices that held sensitive data also caused a significant number of breaches.8


Note from our Experts: Business cyber insurance doesn’t always cover social engineering attacks, such as phishing and spear-phishing, even though these are the third most common cause of breaches. Sometimes, this protection is available as an add-on.

Data Breaches and Small Businesses


  • Data breaches mostly target large enterprises, because cybercriminals stand to gain more from companies that have more data assets than smaller businesses. However, that doesn’t mean small businesses are safe from data breaches.

  • Data breaches in large companies: 72 percent of data breaches affected large companies in 2020, according to Verizon’s report.

  • Data breaches in small businesses: The remaining 28 percent of breaches targeted small businesses.

Data Breach Statistics: Cost, Frequency, Severity

Data breaches are undoubtedly a huge problem for large enterprises and small businesses alike, but how huge, exactly?

  • Cost of breaches globally: On average, data breaches cost companies $3.86 million.

  • Cost of breaches in the U.S.: The U.S. is the most expensive country for data breaches. The average cost of a data breach in the U.S. was $8.64 million in 2020.

  • Other consequences of breaches: Breaches also decrease productivity and disrupt workflows. It took companies 280 days on average to identify and resolve data breaches.9


As for the frequency and severity of data breaches, here’s what we found out:

  • Fewer publicly reported breaches: There were 3,932 publicly reported breach incidents in 2020, which is 48 percent lower than in 2019. However, that doesn’t mean the number of breaches actually declined. According to our source, disruptions at certain governmental sources, delays in reporting, and declining media coverage all contributed to the decrease in publicly reported breaches in 2020.


  • More exposed records: While 1,932 (49 percent) of the publicly reported breaches didn’t expose any records, breaches in 2020 still reached a record-breaking number of exposed records — over 37 billion.

In sum, while there were fewer publicly reported breach incidents in 2020 than in the previous year, the severity of those breaches increased.10

Benefits of Cyber Insurance

It’s clear that cyberthreats like data breaches are here to stay, and so is cyber insurance. Here are some of its top benefits.

For Individuals

  • Financial loss reimbursement: Cyber insurance will reimburse your losses that are direct results of cyberattacks like ransomware, identity theft, and fraud.

  • Identity theft protection: Criminals can use information from breaches to commit identity theft and fraud. While cyber insurance can’t stop breaches from happening, it can help you retrieve stolen data and prevent its use in future identity theft.

  • Recovery from cyberattacks: Unlike identity theft insurance, which only helps you recover from identity theft, cyber insurance helps individuals recover from a wide variety of cyberattacks, including cyberbullying. Some cyber insurance policies cover reimbursements for lost wages, legal fees, or private tutoring fees that are results of cyberbullying.

For Businesses


  • Legal fees coverage: Legal fees resulting from cyberattacks such as data breaches can pile up quickly. If your business has cyber insurance coverage, you will receive some help covering those fees. The maximum coverage amounts of cyber insurance providers range far and wide, from $1 million to $100 million per claim.

  • Recovery from a breach: Cyber insurance can help you deal with breaches, from helping you issue state-mandated customer notifications to recovering compromised data.

  • Online vandalism recovery: Cyber insurance can assist in your business’s recovery if you experience cyber vandalism. Insurance providers can reimburse you for lost funds, such as a loss of productivity and customers.


Protecting Businesses From Cyberattacks

While cyber insurance will cover your losses from cyberattacks, wouldn’t it be better if you weren’t attacked at all? Here are a few digital security tips to protect yourself and your business from cyber risks like data security breaches:

  • Invest in good antivirus software. Antivirus software can prevent cyberattacks that involve malware, so it’s important to invest in the best business antivirus solutions.

  • Invest in a good VPN. Similarly, VPNs can protect you from hackers and DDoS attacks, so investing in one of the best VPNs for businesses is also crucial.

  • Build a firewall. Firewalls can prevent and detect cyberattacks coming from outside of or within your company. Activating your company emails’ spam filters can also prevent phishing scams.

  • Encrypt your data. Encrypting your data is another effective way to protect your business from cyberattacks, especially if you have remote workers. Encryption prevents anyone besides authorized individuals from accessing company files.

  • Encourage good password hygiene among employees. While you can’t control how every employee handles their digital security, you can encourage them to practice good password hygiene, especially on their workplace accounts.

  • Use two-factor authentication on company computers. Multifactor authentication uses biometrics to verify the identities of employees logging on to their computers, ensuring no one besides authorized users can access your system.


bottom of page