A new study by BlackBerry and Corvus Insurance confirms a “cyber insurance gap” is growing, with a majority of businesses in North America either uninsured or underinsured against a rising tide of ransomware attacks and other cyber threats.
- Only 19% of all businesses surveyed have ransomware coverage limits above the median ransomware demand amount ($600,000)
- Among SMBs with fewer than 1,500 employees, only 14% have a coverage limit in excess of $600,000
- 37% of respondents with cyber insurance do not have any coverage for ransomware payment demands
- 43% of those with a policy are not covered for auxiliary costs such as court fees or employee downtime
- 60% say they would reconsider entering into a partnership or agreement with another business or supplier if the organization did not have comprehensive cyber insurance
- Endpoint detection and response (EDR) software is frequently a key component to obtaining a policy
- 34% of respondents have been previously denied cyber coverage by insurance providers due to not meeting EDR eligibility requirements
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.