man at a desk reviewing insurance contract

how much should I pay for cyber insurance?

So, you’re a small business owner asking yourself, “How much should I pay for cyber insurance?” You want to ensure your business is protected, but without excess or unnecessary coverage.

So, how much will it cost? We’re sure this isn’t the answer you want to hear, but it depends. In short…

It depends … The cost of your cyber insurance will depend on your business type and the level of risk you’re exposed to.

(But more on this later!)

Below, we will:

  • Provide a general estimate of how much cyber insurance costs for businesses in the United States, and
  • Discuss what factors influence how much a business owner pays for cyber insurance

infographic of how much should i pay for cyber insurance

the average cost of cyber insurance

According to AdvisorSmith’s research conducted in 2019, the average cyber insurance cost is $1,485 per year (or $124 per month) for $1 million in coverage, with a $10,000 deductible.

To come up with this figure, AdvisorSmith used quote estimates and rate filings from over 43 insurance companies nationwide. Premiums ranged from $650 to $2,357 for cyber insurance for companies with moderate cyber risk.

This figure, however, is not a hard-and-fast rule and will vary based on a number of elements regarding your business. Let’s discuss this further.

how much does cyber insurance cost?

Again, there’s no magic number for how much each business owner’s insurance will cost. That’s because every business is different.

So, what factors influence how much you will pay for cyber insurance as a business owner? At benchmark commercial insurance, we identify eight main determining factors.

industry

The industry you’re in is arguably the most important element in determining cyber insurance costs.

Depending on the industry you’re in, you’ll be placed into one of three tiers—low, medium, and high—of risk related to the type and amount of data your business stores.

To provide an example, a consulting firm would likely fall into the category of low risk whereas a business in construction, the health and wellness space, or the cannabis industry would be considered high risk.

location

The location of your business will affect how much you pay for insurance. Why? The cost of insurance differs from state to state because of differences in legal requirements, economic conditions, competition, etc.

For example, cyber coverage is cheaper in Michigan than in Minnesota.

size

How big is your business? Typically, the larger your business is (i.e. more employees, clients, and greater sales), the more expensive your premiums will be. Why? More employees equal a higher likelihood for a cyber-attack to occur.

amount of sensitive data stored

If your business stores sensitive data, you can expect to pay more for cyber insurance. Sensitive data, to name a few examples, might include:

  • Social security numbers
  • Addresses and phone numbers
  • Credit and debit card numbers
  • And more

For example, a hospital—which houses an immense amount of personal data—would pay more for cyber insurance than, say, a mom-and-pop grocery store with a small customer base and few data collection points.

revenue

The more money your business makes, the higher odds a cybercriminal will be interested in targeting your business, according to an insurer. This considered, businesses with higher revenues should anticipate paying more for cyber insurance.

security defenses your company has taken

Security protocols, software security, employee training… Any preventative measures that your business has taken to stay safe from cyber attacks equal a brownie point in an insurer’s eyes. Businesses that prioritize safety are likely to pay less for cyber insurance.

history of cyber insurance claims

If your business has a history of cyber insurance claims or has been previously attacked, you might face higher premiums.

the level of coverage that you choose

Lastly, your coverage limits and deductible will affect the amount you pay for coverage. In short, the higher your coverage limits, the higher your premiums. On the other hand, paying a lower deductible would result in paying less in the event of cybercrime but paying a greater premium.

Businesses should consult their brokers to determine which cyber security options are best suited for their unique business needs. Interested in learning more? Check out our article on what cyber insurance actually covers.