A new study by BlackBerry and Corvus Insurance confirms a “cyber insurance gap” is growing, with a majority of businesses in North America either uninsured or underinsured against a rising tide of ransomware attacks and other cyber threats.
- Only 19% of all businesses surveyed have ransomware coverage limits above the median ransomware demand amount ($600,000)
- Among SMBs with fewer than 1,500 employees, only 14% have a coverage limit in excess of $600,000
- 37% of respondents with cyber insurance do not have any coverage for ransomware payment demands
- 43% of those with a policy are not covered for auxiliary costs such as court fees or employee downtime
- 60% say they would reconsider entering into a partnership or agreement with another business or supplier if the organization did not have comprehensive cyber insurance
- Endpoint detection and response (EDR) software is frequently a key component to obtaining a policy
- 34% of respondents have been previously denied cyber coverage by insurance providers due to not meeting EDR eligibility requirements