More than half of U.S. small- and medium-sized businesses (SMBs) experienced a cyberattack within the past year, yet only 14 percent of businesses felt prepared and protected, according to a recent white paper from the Insurance Information Institute (I.I.I.). The white paper, Protecting Against #Cyberfail: Small Business and Cyber Insurance, examines how insurers are addressing the threat cyberattacks and data breaches pose to SMBs through a combination of innovative insurance products, risk management techniques and employee training.LiabilityExcess & Surplus Lines
“Insurers foresee substantial growth coming from the SMB segment, as these companies become aware of the possibilities of liability, especially a breach and resulting response costs arising out of the possession of private data,” said Sean Kevelighan, chief executive officer, I.I.I.
The vast majority of cyber insurance claims involved the loss, exposure, or misuse of sensitive personal data. About half (48 percent) of the data breaches of U.S. small businesses in 2016 were caused by either a negligent employee or contractor, according to the Ponemon Institute.
U.S. insurers reported collecting $1.35 billion in direct premiums written for cyber insurance in 2016, according to the National Association of Insurance Commissioners. Stand-alone cyber insurance policies accounted for $921 million of that total (68 percent), while the balance came primarily from endorsements on either a small commercial or businessowners policy (BOP).