Cyber penetration booms 85% in 6 years: Report

But there’s still a great degree of opportunity of increased education and risk mitigation efforts, Zurich’s Advisen survey finds

Cyber

By

Increased awareness of risk and an uptick in contractual requirements has fueled a dramatic 85% increase in the number of businesses purchasing cyber insurance, according to Zurich Insurance’s 2016 Advisen cyber report.

Based on survey responses from 345 US risk professionals, researchers determined that 65% of small and mid-sized businesses have cyber coverage, up from 35% in 2011. Businesses in industries that handle a substantial amount of personally identifiable and health or financial information are doing much of the purchasing, strongly driven by a higher level of understanding related to data security risks.

In general, businesses in healthcare, finance and banking, and retail and communications take cyber risk more seriously and are more likely to be insured, with risk management strategies in place, the Advisen report found. In fact, 76% of respondents from these “data-driven industries” said they view cyber risk as a significant threat, compared with just 55% from non-data-driven industries who feel the same.

There are some indications, however, that the rate of market penetration is slowing. There was just a 7% increase in insurance purchase from 2015 to 2016, compared to an 18% increase the year before.

More concerning is the steadfast belief among some businesses that their cyber exposure is minimal. The top reason respondents do not purchase a cyber policy, for example, is they believe their organization is not susceptible to a cyber-related loss.

There is also some evidence that a plurality of businesses are not proactively managing risk. A full 21% of respondents say they do not have an employee education program in place, despite indicating that “the human element” of cyber risk – including social engineering tactics like spear phishing – are of serious concern.

Still, 87% of respondents overall say they believe a technology-related interruption would have a moderate- to significant impact on their business and 97% say they understand the importance of collaboration between their risk management and IT departments on cyber issues.

As the industry continues to reach out and educate business owners, the take-up rate among American enterprises will likely grow.

Related Stories:

Cyber policies may not cover important risk exposures

Keep up with the latest news and events

Join our mailing list, it’s free!