So, you’re a small business owner asking yourself, “How much should I pay for cyber insurance?” You want to ensure your business is protected, but without excess or unnecessary coverage.
So, how much will it cost? We’re sure this isn’t the answer you want to hear, but in short, it depends.
The cost of your cyber insurance will depend on your business type and the level of risk you’re exposed to.
(But more on this later!)
Below, we will:
- Provide a general estimate of how much cyber insurance costs for businesses in the United States
- Cover why the cost of cyber insurance is increasing, and
- Discuss what factors influence how much a business owner pays for cyber insurance
the average cost of cyber insurance
According to AdvisorSmith’s research conducted in 2019, the average cyber insurance cost is $1,485 per year (or $124 per month) for $1 million in coverage, with a $10,000 deductible.
To come up with this figure, AdvisorSmith used quote estimates and rate filings from over 43 insurance companies nationwide. Premiums ranged from $650 to $2,357 for cyber insurance for companies with moderate cyber risk.
This figure, however, is not a hard-and-fast rule and will vary based on several elements regarding your business and the cyber insurance market.
the cost of cyber insurance is increasing… why?
So, the cost of cyber insurance is increasing… But why? Here’s a shorthand list.
- Cyber attacks are becoming more and more common across the board; cyber extortion has jumped by 150% in one year and cases of malicious breaches and unintentional disclosure increased by 18%
- To contain potential lawsuits, businesses will rely on outside attorneys to handle cyber response
- Executives do not know how to properly insure their businesses from cyber risk (Munich RE reports that 81% of C-level respondents think their company is not adequately protected against cyber threats and only 34% of C-level respondents have been in contact with their insurers)
Therefore, as ransomware attacks continue to crowd the cyber insurance market, coverages are expected to rise 40% to 50% for optimal risks and 50% to 100% or more for less optimal risks.
Even so, while cyber insurance premiums are rising, policies are covering less.
how much does cyber insurance cost?
Again, there’s no magic number for how much each business owner’s insurance will cost. That’s because every business is different.
Moreover, this is an especially tricky question as the cyber liability underwriting market remain
But what factors influence how much you will pay for cyber insurance as a business owner? At benchmark commercial insurance, we identify eight main determining factors.
The industry you’re in is arguably the most important element in determining cyber insurance costs.
Depending on the industry you’re in, you’ll be placed into one of three tiers—low, medium, and high—of risk related to the type and amount of data your business stores.
To provide an example, a consulting firm would likely fall into the category of low risk whereas a business in construction, the health and wellness space, or the cannabis industry would be considered high risk.
The location of your business will affect how much you pay for insurance. Why? The cost of insurance differs from state to state because of differences in legal requirements, economic conditions, competition, etc.
For example, cyber coverage will likely be cheaper in Michigan than in Minnesota.
How big is your business? Typically, the larger your business is (i.e. more employees, clients, and greater sales), the more expensive your premiums will be. Why? More employees equal a higher likelihood for a cyber-attack to occur.
amount of sensitive data stored
If your business stores sensitive data, you can expect to pay more for cyber insurance. Sensitive data, to name a few examples, might include:
- Social security numbers
- Addresses and phone numbers
- Credit and debit card numbers
- And more
For example, a hospital—which houses an immense amount of personal data—would pay more for cyber insurance than, say, a mom-and-pop grocery store with a small customer base and few data collection points.
The more money your business makes, the higher odds a cybercriminal will be interested in targeting your business, according to an insurer. This considered, businesses with higher revenues should anticipate paying more for cyber insurance.
security defenses your company has taken
Security protocols, software security, employee training… Any preventative measures that your business has taken to stay safe from cyber attacks equal a brownie point in an insurer’s eyes. Businesses that prioritize safety are likely to pay less for cyber insurance.
history of cyber insurance claims
If your business has a history of cyber insurance claims or has been previously attacked, you might face higher premiums.
the level of coverage that you choose
Lastly, your coverage limits and deductible will affect the amount you pay for coverage. In short, the higher your coverage limits, the higher your premiums. On the other hand, paying a lower deductible would result in paying less in the event of cybercrime but paying a greater premium.
Businesses should consult their brokers to determine which cyber security options are best suited for their unique business needs. Interested in learning more? Check out our article on what cyber insurance actually covers.