Compared to property, plant and equipment (PP&E) assets, the impact of business disruption to cyber assets is 72% greater, organizations value cyber assets at 14% more, and quantify probable maximum loss from cyber assets is 27% higher, according to the 2017 Cyber Risk Transfer Comparison Global Report from Aon and the Ponemon Institute. What’s more, nearly 65% of organizations expect their cyberrisk exposure to increase over the next two years.
Yet businesses are spending four times more on insurance to cover property-related risks than cyberrisk. On average, organizations insure 59% of PP&E losses and self-insure 28%, compared to insuring 15% of cyber exposure and self-insuring 59%.
“We have found that most organizations spend multiples more premium for fire insurance, for example, than for cyber insurance, even though they state in their publicly disclosed documents that a majority of the organization's value is attributed to intangible assets,” said Kevin Kalinich, cyber/network global practice leader at Aon Risk Solutions.
The majority of respondents said that cyber insurance is inadequate for their organization’s needs, too expensive, and has too many exclusions.