Some overview of our findings about the market’s awareness of cyber risk insurance; the full Report includes 9 charts that provide substantially more information and greater detail, as well as our interpretation of the implication of the responses.
In this section we asked executives responsible for insurance at middle market companies about:
- Their awareness of Cyber Risk and Privacy insurance
- Whether their company was currently insured for cyber and privacy risk
- If not currently insured, whether they planned to purchase coverage within the next 18 months
- If not planning to buy coverage, their reasons why not
Approximately one-third of the respondents indicated that they currently buy Cyber Risk and Privacy insurance, and another 25 per cent plan to buy coverage within the next 18 months.
The largest companies ($250 – $500 million in sales) were more likely to already have coverage, but the next most likely was the $50 – $100 million group (higher than both the $100 – $250 million and $10 – $50 million groups).
For those that do not have coverage, ‘too expensive’ was not as big a reason as we expected, but was still important. Keep in mind that, for many of these companies, the Great Recession’s effects aren’t yet over.
Respondents heard about Cyber Risk and Privacy insurance from many sources; their insurance broker was one important source, but far from dominant. Audit firms, news reports, and experiencing their own data breach were also sources.