Freely subscribe to our NEWSLETTER

According to the ESI Thoughtlab report, which surveyed executives at 1,009 companies across 13 industries from November 2019 to January 2020, 65 percent of SMEs are planning to spend more on cyber insurance as part of their cyber resilience plan in the next two years, compared to 58 percent of large companies. The report also finds that 71 percent of SMEs have a cyber coverage limit lower than $1M and lower than total past or estimated future losses and expenses related to a cyberattack. Further, cyber coverage limits varied across industries, with the report finding that life sciences, healthcare, retail/hospitality, and telecom are severely under-covered and show the biggest gap between limit and expected losses.

Additional key takeaways from the analysis report include:

SMEs and large enterprises converge on the likelihood of their business experiencing a breach over the next year: 45 percent
62 percent of SMEs in the early stages of cybersecurity maturity believe that cyber insurance is well worth the protection. Only 13 percent said cyber insurance was not worth the protection it affords.

On average, organizations opt for cybersecurity insurance coverage limits of about 0.14% of revenue

Cyberattacks using password and credential reuse cause the greatest losses today and the greatest risk over the next two years

Multi-Factor Authentication (MFA) is significantly under-deployed in SMEs (18 percent) compared to very large enterprises (43 percent)

55 percent of SMEs point to employee-owned end-user devices as the highest risk in two years