AIMultiple ResearchAIMultiple Research

Cybersecurity Insurance in 2024: Practice of Future

Employees now work from anywhere and on any device. KPMG study shows 87% of businesses are embracing hybrid/remote working in the post-pandemic era. The rise of the mobile workforce makes traditional network and cybersecurity solutions of companies ineffective. To limit the financial impact of a cyberattack, almost 70% of businesses have obtained cyber insurance as of the beginning of 2022. 

In this research, we will go into cybersecurity insurance in depth to assist executives in their struggles against cyber threats.

What is cybersecurity insurance?

Cybersecurity insurance or cyber liability insurance is a policy that, for a fee, reduces the risks companies face in their online operations, such as data loss or breaches, hacking of companies’ online systems, and network damage.

What does cyber insurance cover?

Cybersecurity insurance policies provide coverage for the following cases:

  • Network security coverage: This type of cyber insurance protects your company in the case of a network security breach, such as a data breach, malware attacks, data theft, blackmail, or exposure to classified information. 
  • Privacy liability coverage: Personal data is sensitive, and any breaches or violations that reveal it might result in legal action. The legal fees and penalties that may be incurred due to such litigations are covered by privacy liability policies. 
  • Network business interruption coverage: Firms can receive lost revenues, overheads, and additional fees when a company’s or providers’ network becomes non-functional due to an incident. Such policies provide coverage for both security failures that might occur due to hacking and system failures such as failed software patches.
  • Media liability coverage: These policies cover any violation of intellectual property, apart from copyright violations, resulting from your services being promoted.

Why is cybersecurity insurance important now?

According to Forbes, a cyberattack occurs every 11 seconds today, and by 2031 this ratio will worsen, reaching one cyberattack every 2 seconds. While not all of these attempts are successful, cyberattacks threaten both tangible and intangible corporate assets, such as reputation, which accounts for more than 50% of the value of the top 25 U.S. companies.

It is possible to cluster the damage of cyberattacks on businesses as long-term and short-term damages (see Figure 1). Successful cyberattacks cause short-term expenses like investigation, legal, and IT remediation costs and long-term consequences like regulatory fines, reputational crisis, a decrease in revenue, etc.

Figure 1: Short & long term cost of cyberattacks

Short and long term cost of cyberattacks

When we review the perceptions of market participants (see Figure 2), we see a similar pattern where cyberattacks are seen as a problem, and people expect to face more cyber risks related problems in the future.

Figure 2: Patterns where cyber attacks are seen as a problem

Source: IBM

Therefore, it is critical for companies to hedge their risks with cybersecurity insurance and look for ways to mitigate their cyber risks to achieve sustainable business practices that protect their market value in the long run.

Who needs cybersecurity insurance?

Companies that use analytics and data storage areas of cloud services, and businesses that operate online platforms to sell their goods or services, can protect themselves against losses from cyberattacks with cybersecurity insurance. In other words, almost all companies can benefit from such insurance policies.

Is traditional insurance being replaced by cybersecurity insurance?

The Internet of Things (IoT) has a transformative effect on our lives and insurance practice. The rapid growth of smart homes, smart cars, and smart manufacturing systems mean we are exposed to fewer physical risks than before. In a smart home, for example, it is difficult to be exposed to a fire caused by a gas leak because the system automatically shuts off the gas and notifies the homeowner and other necessary contacts if maintenance of the gas line is required.

Therefore, customers need less old-fashioned insurance policies. As we discussed in our last article, such a reality will force insurance companies to slowly abandon old-fashioned insurance instruments since they will no longer be in demand.

However, the increasing proliferation of smart devices has created a new risk area. Cyberattacks on IoT devices are creating and will continue to create systematic risks to homes, cars, and other physical objects by disabling the environmental monitoring function of IoT devices, as Figure 3 suggests.

Figure 3: Transformation towards cyber insurance from traditional insurance

Source: KPMG

Is the insurance sector protected against cyber attacks?

It is fair to expect a safe protector. Therefore, it is a reasonable question whether the insurers are well protected against cyber attacks or not.

According to Accenture, the number of cyberattacks on insurers doubled in 2018 compared to the previous year. Despite the huge increase in the number of attacks, the number of successful attacks remains relatively similar, indicating a 42% decrease in successful breaches. In addition, insurers detect successful breaches more quickly than in the past, increasing their chances of mitigating the damage. Overall, we can conclude that although insurers are not perfectly safe, they learn to cope with cyber attacks over time.

Figure 4: Improvements in the cybersecurity posture of insurers

Source: Accenture

Further readings

You can check our other insurance sector-related articles:

To find vendors/tools that assist your business in improving your cybersecurity posture, you can check our cybersecurity software and cybersecurity companies lists

Also, you might want to look at our top insurance suites list.

We can help you find an insurtech to help you with your digital transformation.

Find the Right Vendors
Access Cem's 2 decades of B2B tech experience as a tech consultant, enterprise leader, startup entrepreneur & industry analyst. Leverage insights informing top Fortune 500 every month.
Cem Dilmegani
Principal Analyst
Follow on

Cem Dilmegani
Principal Analyst

Cem has been the principal analyst at AIMultiple since 2017. AIMultiple informs hundreds of thousands of businesses (as per similarWeb) including 60% of Fortune 500 every month.

Cem's work has been cited by leading global publications including Business Insider, Forbes, Washington Post, global firms like Deloitte, HPE, NGOs like World Economic Forum and supranational organizations like European Commission. You can see more reputable companies and media that referenced AIMultiple.

Throughout his career, Cem served as a tech consultant, tech buyer and tech entrepreneur. He advised businesses on their enterprise software, automation, cloud, AI / ML and other technology related decisions at McKinsey & Company and Altman Solon for more than a decade. He also published a McKinsey report on digitalization.

He led technology strategy and procurement of a telco while reporting to the CEO. He has also led commercial growth of deep tech company Hypatos that reached a 7 digit annual recurring revenue and a 9 digit valuation from 0 within 2 years. Cem's work in Hypatos was covered by leading technology publications like TechCrunch and Business Insider.

Cem regularly speaks at international technology conferences. He graduated from Bogazici University as a computer engineer and holds an MBA from Columbia Business School.

To stay up-to-date on B2B tech & accelerate your enterprise:

Follow on

Next to Read


Your email address will not be published. All fields are required.