Uncategorized

July 7, 2026

Cyber Insurance Proves Its Value as Threats Grow More Severe: Report

A new report has found that cyber insurance policies are covering more than 95% of average data breach losses and 90% of average first-party losses, demonstrating that cyber insurance is providing substantial financial protection against increasingly costly cyberattacks.
cyber insurance

The findings come from the “Cyber Claims in Focus – Getting Value from Cyber Insurance” report by Willis, which analyzed 5,500 cyber claims from 95 countries between 2013 and January 2026 and approximately $1 billion in insurer payments.

The report’s findings suggest that companies with properly structured coverage have most of their breach costs covered by their insurer after an incident. However, risk managers should understand that cyber insurance is not a substitute for strong cybersecurity controls.

Most cyber policies are designed to address both first-party and third-party costs arising from a cyber incident.

First-party coverage typically includes expenses such as:

  • Forensic investigations Data restoration
  • Business interruption losses
  • Customer notification and credit monitoring costs
  • Legal expenses and certain regulatory costs
  • Crisis communications
  • Ransom payments, where permitted and covered by the policy

Third-party coverage may address defense costs, settlements, and certain liabilities arising from data breaches or privacy incidents, depending on policy terms 

Evolving threats

Data breaches remain the most frequently reported cyber insurance loss, with malicious breaches accounting for most incidents.

Ransomware, however, remains the costliest type of cyber event. The average ransomware incident lasts 25days and results in $5.3 million in losses.

Much of that cost stems not from the ransom itself but from the disruption that follows an attack. Business interruption and prolonged downtime are now among the largest drivers of cyber losses, particularly for organizations that depend on continuous operations.

The report also found that third-party vendors are responsible for a growing share of losses, accounting for nearly half of all data breach losses and 29% of first-party losses. As businesses become increasingly dependent on outside technology and service providers, a cyber incident at a single vendor can affect dozens or even hundreds of firms simultaneously.

 

Lessons from the report

Coverage varies significantly among policies and often includes exclusions, sublimits and conditions. Policies may not cover every type of loss, particularly if the insured failed to maintain required security controls, did not follow policy conditions or experienced losses that fall outside the policy’s definitions.

A policy must align with an organization’s actual exposures. Companies that underestimate their exposure to ransomware, business interruption or third-party incidents may discover that their insurance does not adequately address their most significant risks.

As cyber threats continue to evolve, it’s more important than ever that you work closely with us when seeking cyber coverage. We can work with you to identify your key exposures and evaluate coverage options designed to better address those risks.

Share Article