The rapid increase in cybercrime has also resulted in the subsequent increase in cyber insurance claims. This article aims to better understand how cyber insurance claims are growing by analyzing related statistics. Along with cyber insurance claims statistics, this article will also analyze the growing cyber insurance market with relevant statistics and projections.
Top Cyber Insurance Claims Statistics 2023
Here’s a quick look at the top cyber insurance claims statistics for 2022-2023:
- 73% of cyber insurance claims from 2013-2019 were due to data breaches, incident response, and crisis management.
- Targeting smaller businesses are now a norm with over 56% of claims rising from SMEs under 25 million dollars in revenue.
- The average insurance claim cost for an SME is $ 345,000.
- A 2022 survey indicated that only 19% of organizations have cyber insurance for events beyond $ 600,000.
- One of the largest insurers with $ 404,144, 104 worth of premiums written and 14.7% market shares is Chubb Ltd Grp.
- Ransomware caused about 81% of claims involving recovery expense losses.
- Claims grew by 100% in the past three years while claims closed with payments grew by 200% with around 8100 claims paid in 2021.
- The frequency of cyber insurance claim triggers is the highest for the healthcare industry, followed by IT and communications, Insurance, and Retail.
- 27% of data breach claims and 24% of first-party claims had exclusions within the insurance package that resulted in non-payout or partial payouts.
- 1,153 cyber insurance claims in 2022 were due to business email compromise scams.
Cyber Insurance Claims Statistics
Cyber insurance usually covers a wide range of cyber accidents and crimes. In this section, we aim to take a close look at cyber insurance claims statistics based on the type of industry affected as well as based on the type of cyber crimes which triggered the claims.
- 9% of cyber insurance claims during the 2019-2021 period was for privacy breach, 2% for data asset protection, and 1% for social engineering attacks among other reasons.
- A questionnaire-based survey by security.org found that 66% of the U.S. population is aware of cyber insurance.
- Two major reasons attributed to the lack of cyber insurance policies are needing to do more research at 40% and its high expense at 34%.
- In a cyber insurance claim due to a data breach, 71% of the loss falls under cyber policy coverage which is made up of insurer payments up to 44% and insured payments with retention at 27%.
- In a data breach insurance claim, the major chunk of its average cost can be broken down accordingly, forensic costs at 21%, defense at 18%, legal advice and cybersecurity experts at 13%, and credit monitoring and theft monitoring services come up to 14%.
- In 2% of cyber insurance claims the total cost of a breach exceeded 100 million.
- Two of the most frequently seen reasons for coverage not getting triggered are the use of unapproved vendors and activity without insurer consent.
- In the case of healthcare-related claims, the triggering causes were: Malicious data breach- 18% Accidental data breach- 29% Ransomware- 8% Stolen/Lost devices- 16%
- Major reasons for insurance claims in the IT and Communications sector were: Malicious data breach- 24% Accidental data breach- 18% Ransomware- 11% Social Engineering- 10%
- The insurance sector faced major loss and claims triggers through the following events: Malicious data breach- 39% Accidental data breach- 35% Ransomware- 4% Social engineering-7%
- With retail and wholesale businesses, the significant causes of an insurance claim where: Malicious data breach- 30% Social engineering- 11% Accidental data breach- 8%
- Manufacturing organizations faced cyber insurance claims for the following events: Malicious data breach- 22% Social engineering- 30% Ransomware- 9%
- According to the 2022 cyber insurance claims report by Coalition, the ransomware model has begun to mature and the average demand made on customers increased by 20% while the severity of the claims increased by 10%.
- Small businesses saw a 40% increase in ransomware attacks and a 56% increase in fund transfer fraud incidents.
- Losses from Fund Transfer Fraud saw a 69% increase from 2020 to 2021 with a 68% frequency increase for companies with a revenue between $25 – $100 million and a 21% increase for businesses with revenue under $25 million.
- The first half of 2021 saw 40% of cyber attacks being caused by email phishing.
- Small organizations with revenue under $25 million that use Microsoft Exchange saw a 103% increase in cyber insurance claims. This was due to a series of vulnerabilities discovered in the tool since March 2021.
- 123% of the increase in claims was seen with small businesses that used SonicWall’s SMA VPN appliance due to a vulnerability discovered that led to significant losses.
- There was a 44% increase in claims in mid-sized businesses with revenue between $25-$100 million.
- Direct written premiums for cyber insurance grew by 74% in 2021 to over $4.8 billion while premiums for standalone coverage increased by 92% to $3.1 billion for the year.
- When it comes to ransomware, the average cost of a claim comes to around $485k.
- 40% of companies purchased cybersecurity insurance when a cyberattack occurred on another organization in the same industry.
- Another 40% purchased it through recommendation after a cybersecurity risk assessment while the last 20% obtained cyber insurance for an unspecified variety of reasons.
- A study conducted showed that ransomware contributed as the number one cause of loss in almost 6000 cyber insurance claims with the average ransom increasing to $ 247,000 and the incident cost, of $352,000.
- A Cyber claims Study by NetDiligence evaluated 5,797 claims data from 2016 to 2020 and found 32% for ransomware affecting SMEs, 10% hacking, and another 9% for business email compromise to be the root cause of losses sustained.
- 99% of all claims costs came from SMEs a total of $ 357 million in losses. 1% of claims came from large organizations and the loss for which came around to %727 million.
- Ransomware and business email compromise (BEC) attacks were the leading cause of losses from a five-year period of 2017-2021 at 44% and 50% between the periods of 2020 and 2021 alone.
- NetDiligence’s Cyber Claims Report from 2017 to 2022 with a scope of 7,439 claims showed that there was a steady increase in the percentage of claims till 2020 and a steep decline in 2021. 2017 – 10%, 2018 – 20%, 2019 – 26%, 2020 – 29%, 2021 – 15%.
Factors Affecting Cyber Insurance Claims Rate
Here are some of the factors that affect the rates of cyber insurance claims.
1. Cost of Response
This refers to the increasing amount spent on responding to a cyberattack which includes incident cost, cost of legal and forensic expertise, ransomware demands, cybersecurity measures, and more.
2. Weak Cybersecurity Hygiene
Not having good cybersecurity measures in place can leave your organization open to more risks which can in turn affect or diminish your insurance claim.
With many organizations working remotely nowadays, the lack of adequate security controls can lead to significant exposures.
It is important to maintain endpoint security, continuous testing, and monitoring to prevent any mishaps.
3. Interruption of Business Processes
The expense that is associated with cybercrime isn’t just related to responding to and remediating it. Rather it includes the expenses and losses incurred as a part of business operations and daily procedures interrupted which need to be made operational again.
4. Breaches and Attacks
Malware and ransomware threats are on the rise. They target computer systems of SMEs and large-scale organizations to extort large sums of money or sensitive information.
The ransom that is paid in such situations has also seen a dramatic increase over the years.
5. Lack of Proper Response Plans
Details response plans help efficiently manage one’s response and response timing making it more agile in terms of responding to a threat. However, according to Ponemon Institute statistics, it suggests that 77% of companies are woefully ill-prepared and planned when it comes to thwarting an attack or a data breach.
Leading Causes of Cyber Insurance Claims
This section details the leading causes of cyber insurance claims and the cybercrimes that instigate the action. It also provides a few important statistics on each cause of cyber attacks.
Phishing attacks are a form of social engineering designed to retrieve data from unsuspecting users through the impersonation of reputable websites and authorities to whom victims might reveal information. It was reported that in 2021 nearly 83% of companies experienced phishing attacks.
- Phishing continues to be common cybercrime for three years in a row.
- 2021 saw a total of 323,972 phishing victims.
- On average phishing, victims lost the least amount of money at $136 per victim when compared to other types of attacks like investment fraud.
- Highly impersonated brands for phishing are Amazon and Google at 13%, Facebook and Whatsapp at 9%, and Netflix and Apple at 2%.
2. Credit Fraud
2021-2022 was an eventful year in terms of credit frauds (-1%), identity thefts (7%), bank frauds (39%), and more. Fraudsters using stolen information to open bank accounts under the names of victims grew by 64% in 2021.
- There have been 389,845 cases of credit fraud reported in 2021 with a slight decline when compared to 2020.
- Apart from a spike in 2020 with wire transfer frauds, the average wire fraud transfer amount and incident cost have remained between $166000- $211000 and $188000- $392000.
- 2021 saw nearly 1.6 million cases of identity theft out of which the most common was government document or benefits fraud.
- Identity fraud has caused over $56 billion in 2021 alone.
Scams like business email compromises were the second most common cause of loss resulting in a cyber insurance claim. The number of such claims obtained has increased from 80 in 2017 to almost 300 in 2021. These numbers are projected to increase in the next two years.
- 1,153 cyber insurance claims in 2022 were due to business email compromise scams. 57% of these BEC attacks occurred in 2020 and 2021.
- Business email compromise showed about 10% of the total incident cost in case of cyber insurance claims in 2022.
- More than 450 COVID-19-related financial support scams took place in 2020.
On average, malware attacks cost a company over $ 2.5 million in damages and time taken to recover. Ransomware is also far more destructive in 2021 when compared to previous years till 2017.
- Malware and ransomware are increasingly targeting businesses having claimed over 4.5k victims in 2021.
- 55% of 1500 claims from 2019 to 2021 occurred due to ransomware.
- 2,123 claims in 2022 were due to ransomware, 45% of which occurred in 2020 and 2021.
- Ransomware was the top cause of loss in SMEs at 51% of total incident cost followed by hacking at 18%.
Cybercrime Statistics for 2018-2022
This section will list some of the major cybercrime statistics from the 2018-2022 period. This is relevant as there has been a steady increase in cyber attacks during this period which is contributing to the increase in cyber insurance claims.
- According to crimes reported to the FBI from 2020 to 2021, UK’s cybercrime density increased by over 40% when compared to 2020.
- Cybercrime has claimed at least 6.5 million victims over a 21-year period from 2001 to 2021 with an estimated loss of nearly $26 billion over the same period.
- The cybercrime victim count increased drastically by 69% in 2020 during the COVID-19 pandemic when compared to 2019 from nearly 467k victims a year to 792k.
- The number of people under 20 falling victim to cybercrimes increased by 100% during the pandemic due to online studying from an average of 10,000 per year in 2019.
- Criminal activities that resulted in an increase in cyber claims increased from 69% in 2018 to 83% in 2020 for SMEs.
Why Is Cyber Insurance A Growing Market?
Cyber Insurance is generally designed to protect large organizations and SMEs from various growing risks associated with migrating to the cyber world in terms of data and technology in business operations.
Cyber insurance helps offset the expenses associated with responding and recovering from a cyber attack, the growing frequency of which has resulted in an insurance spike from 26% in 2016 to 47% in 2020.
It is estimated that the global cyber insurance claims market will grow at an average of 25% per year from 2021 to 2026 to reach a market size of 28 billion USD. According to Statista, the estimated growth of cyber insurance premiums is 20 billion dollars in 2025.
- This will be driven by the biggest risk to security in organizations, cyber incidents.
- The average cost of cybercrime in the U.S. is 27.37 million US dollars.
- Around 817 data breaches have been reported in the U.S. since H1 2022.
- Data breaches in the U.S. cost up to 9.44 USD on average.
- 34% of organizations in the U.S. have a standalone cybersecurity insurance policy.
- 43% of SMEs in the U.S. bought cyber insurance for the transfer of risks.
Largely due to the growing number of risks faced by organizations in the cyber world, the cyber insurance claims market is also facing a boom with organizations wanting to insure and secure their assets.
These cyber insurance claims statistics for 2023 clearly show the current trend and cases of cyber insurance claims, and the trend with which the market is progressing towards 2023 and beyond.