Visualize: Insights that power innovation

ISO survey: Data breach risk is top of mind for many insurers

By Lucian McMahon April 6, 2018

We learned this month that the reported Equifax breach – already considered massive – may have affected even more Americans than was previously assessed. The credit agency recently reported that another 2.4 million people were impacted by the Equifax breach, which was first discovered last fall. That brings the total number of Americans affected to 147.9 million.

It seems that not a day goes by without a new data breach being reported somewhere around the globe. To put it into perspective, Business Insider (BI) reports that in each of the past five years there has been an average of 1,704 security incidents, which have involved the breach of nearly 2 billion records.

Click to enlarge

Businesses have reason to worry. Of the organizations breached, 22 percent lost customers, 29 percent lost revenue, and 23 percent lost business opportunities, according to BI’s estimates.

No business is too small to be immune. As we reported last year, cyber attacks targeting small businesses rose from 18 percent in late 2011 to 36 percent in 2017, and continue to rise. 

ISO Emerging Issues Bracket

Insurers are thinking about cybersecurity too, if the past five ISO Emerging Issues Bracket results are any indication. Each year, our survey asks insurers to name the emerging issue most on their minds. This year, data breach liability topped the list, edging out autonomous vehicles, the 2017 list topper. But the 2017 results may have been an outlier, as in 2014, 2015, and 2016, cybersecurity rose to the top of ISO’s Emerging Issues Bracket.

Cybersecurity risk offers insurers opportunity

Verisk estimates that written premium for commercial cyber liability could reach $6.2 billion by 2020 — up from approximately $2.5 billion in 2016—with annual take-up rates growing 20 to 30 percent per year during the next several years. Insurers that can get a clear picture of the market and identify niches with potential for growth can profit from helping to address these risks.

To assist insurers, ISO, a Verisk business, has developed a cyber insurance program. The program is currently available for use in 45 U.S. states and territories.


Lucian McMahon, CPCU, ARM-E, AU-M, is a product development specialist with the ISO Emerging Issues team. You can contact Lucian at lucian.mcmahon@verisk.com.