Only Half of Businesses have Cybersecurity Insurance

Credit: Sdecoret |

Most companies are much better prepared for hurricanes and earthquakes then they are for cyber-attacks, according to figures from AIG.

Only about 55% of Fortune 500 companies have cybersecurity insurance. For the majority of enterprises, the figures are even lower; just 35% of small to medium-sized businesses are insured against cyber attacks.

By contrast, recent statistics on cyber attacks recently released by the Australian Government show that cybercrime attacks have increased by 300% since 2015 and 60% of smaller businesses that experience a major data breach go out of business within six months.

“The cyber-insurance industry is relatively new and it’s evolving,” explained Paul Waite, Director of Cyberplus.

“It’s a bit different to other insurance offerings because the cyber environment is always changing. There are new threat vectors being pushed out daily and that makes it difficult for insurers to calculate the potential losses.”

“At the moment, insurers are relying on historical data to rate premiums and calculate probable loss events and I don’t think that approach to underwriting is sustainable long term,” added Mr Waite.

According to Paul Waite, there are a large number of cyber threats that organisations need to be prepared for. There is the well known ransomware-type event that is simple but quite dangerous for an organisation.

There has also been a rapid evolution of the Business Email Compromise (BEC), which is becoming more sophisticated in the way that attackers lure their victims.

Additionally, there has been a rise in user credential farming, which provides cybercriminals front door access to organisations. Rather than trying to break through the cyber perimeter that most organisations have in place, cybercriminals are tricking people into letting them straight in.

“An off-the-shelf cyber-insurance product isn’t necessarily going to be the right approach,” said Mr Waite.

“Cyber-insurance is complex and needs to be tailored to suit an organisations specific risk profile. My advice to managers is: before purchasing cyber insurance, your organisation first needs to undertake a detailed risk analysis of their business.”

Cybercrime can result in massive financial losses, but it’s not just the immediate theft that’s the problem; very often cyber-attacks leave company’s computer systems crippled or corrupted and that can bring an entire business operation to a grinding halt.

“When it comes to cybersecurity, being prepared isn’t just having a wall that will block and protect from attacks,” said Dan Tehan, former Minister Assisting the Prime Minister for Cybersecurity.

“Instead, being prepared means minimising risk.”

Prevention is the most effective strategy for dealing with cybercrime, and organisations must implement a multi-layered defence to help minimise the risks associated with cyber security attacks, according to Craig McDonald, MailGuard CEO.

New regulatory regimes like the NDB and GDPR administer serious penalties for companies whose data is breached, making it more vital than ever for every business to acknowledge and address their cybersecurity responsibilities.

CEOs are encouraged to audit data and IT resources, seek professional guidance on establishing a cybersecurity policy, enable effective endpoint security and deploy cloud-based threat protection to prevent malicious incursions.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cyber crimeSecurity Watch

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Cate Bacon

Aruba Instant On AP11D

The strength of the Aruba Instant On AP11D is that the design and feature set support the modern, flexible, and mobile way of working.

Dr Prabigya Shiwakoti

Aruba Instant On AP11D

Aruba backs the AP11D up with a two-year warranty and 24/7 phone support.

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?