Security Experts:

Connect with us

Hi, what are you looking for?


Cyber Insurance

Execs Thinking Cyber Insurance for Protection

A new study from the Ponemon Institute shows that companies are increasingly looking towards cyber-security insurance to shield them in the event of a cyber-attack.

A new study from the Ponemon Institute shows that companies are increasingly looking towards cyber-security insurance to shield them in the event of a cyber-attack.

According to the report, which was sponsored by Experian Data Breach Resolution, 31 percent of the study’s 957 respondents have a policy and 39 percent said they were going to buy one. Among the companies that had a data breach incident in the past 24 months, 70 percent of respondents say the experience increased their interest in these policies.

The research also revealed that among the 56 percent of respondents that had breaches or “material security exploit” in the last two years, the average cost for one or more incidents was $9.4 million. Respondents estimate that the average potential financial risk of future incidents could be as high as $163 million. Most involved the loss of business confidential information, and many were due to negligence or mistakes. Cyber attacks such as distributed denial-of-service attacks that disrupt business operations were more common than attacks that caused damage to IT infrastructure, the report found.

“Companies worry about the financial impact following a data breach,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, in the statement. “Cyber insurance could be an important part of a risk management strategy to protect against potentially severe financial losses.”

Still, 30 percent of respondents said they had no interest in purchasing a policy at this time, citing price and concerns about too many exclusions, restrictions and uninsurable risks as roadblocks. However, 62 percent of those with policies however say the premiums are fair given the nature of the risk.

“According to 62 percent of respondents, their companies’ ability to deal with security threats improved following the purchase of the policy,” the report stated. “Assessments and other steps required to complete the purchase of the policy could have an impact on these improvements.”

“We are reaching a tipping point where the majority of companies we surveyed now rank cyber security risks as high as other major insurable business risks,” said Michael Bruemmer, vice president at Experian Data Breach Resolution, in a statement. “We anticipate that demand for cyber security insurance is likely to increase in response to evolving breach response policies.”

A copy of the report can be found here.

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

CISO Conversations

In this edition of CISO Conversations, SecurityWeek speaks to two city CISOs, from the City of Tampa, and from Tallahassee.