Large organizations have long understood the intrinsic value of customer data. Using it to formulate and execute on key business decisions, enterprises can better meet customer demand, anticipate a buyer’s propensity to purchase and stay ahead of savvy competitors. Because of the substantial amounts of resources required to successfully leverage customer data, and considering its highly confidential nature, large companies have also traditionally led the pack in implementing cyber insurance to protect this crucial business asset.
Despite having fewer human and monetary resources, small and medium-sized businesses (SMBs) have started joining in on the data-driven movement, leveraging their existing customer data to deliver superior customer experiences and, in some cases, successfully compete with large organizations. Protecting that invaluable intelligence, however, has historically been overlooked. Many SMBs assume they aren’t as much of a target as large companies are, or they simply aren’t aware that cybersecurity tools are available to them. Plus, complex buying processes and exorbitant pricing often prohibit even the most knowledgeable SMBs from adequately protecting their assets.
New and Improved SMB Habits
Thankfully, times are changing. As SMBs continue to take advantage of the business benefits that leveraging customer data can provide, they’ve caught on to the merits of defending their customer data with cybersecurity measures such as cyber insurance. In fact, it’s fair to say SMBs will drive the next wave of cyber insurance adoption.
See also: Cyber: Black Hole or Huge Opportunity?
According to recent research conducted by my company, demand for cyber insurance has skyrocketed among the SMB market as of late, with the highest quarterly growth being 150% and averaging approximately 69% per quarter. In Q2 of 2018 alone, 30% of our commercial insurance shoppers purchased cyber coverage, up from 12% a year ago. First-time cyber insurance shoppers are also on the rise among SMBs, having experienced a quarterly growth of 34% over the last year.
Key Factors Contributing to Cyber Insurance Growth
There are a variety of reasons for SMBs’ increasing enthusiasm for cyber insurance, such as a rise in SMB-targeted cyberattacks and widespread, difficult-to-detect network vulnerabilities. However, after analyzing our digital proprietary data collected from Q1 2017 to Q3 2018, we found the following three factors equally critical in driving SMB cyber insurance adoption:
1. Compliance Requirements
Compliance requirements such as HIPAA, PCI and DCI have contributed significantly to the growth of the SMB cyber insurance marketplace. Recent data privacy regulation rulings such as GDPR and the California Consumer Privacy Act may also be pushing adoption, as the percentage of our shoppers who stated compliance requirements as a motivating factor increased 39% quarter-over-quarter.
2. Contractual Components
In the past, mandating cyber insurance for SMBs was difficult, due to the lack of affordability and accessibility. Today, digital-first insurance providers have drastically reduced distribution costs, allowing organizations to enforce cyber insurance as an essential component of third-party vendor contracts. According to our data, nearly half (46%) of SMBs buying cyber insurance are purchasing due to contractual requirements.
3. Affordable Policies
The price of SMB cyber insurance has declined substantially over the past year, primarily due to carriers’ ability to provide tailored policies designed to meet SMB-specific needs. In April 2017, our data shows the average monthly premium cost for a $1 million cyber insurance policy was $270. By June 2018, however, the average monthly premium cost for a $1 million cyber insurance policy dropped to just $77.
The Future of Cyber Insurance Adoption
Compounding factors will continue to drive the SMB cyber insurance market. From a business perspective, state and federal regulations will likely make cyber insurance a mainstream business priority, and enterprise-level contractual requirements will make cyber insurance a must-have for third-party vendors. On the consumer side, customers will continue to take an increasingly active role in their personal cybersecurity, demanding SMBs effectively secure their personal data through security solutions, including cyber insurance.
Though our data is still maturing, the steady increase in SMB shopper awareness and overall market readiness indicate that 2018 serves as an inflection point for the mainstream adoption of cyber insurance. Furthermore, with the SMB population in the U.S. expected to exceed 34 million by 2025, cyber insurance will be an essential factor in securing our collective digital world, and we can expect any business with assets to secure, and long-term viability to protect, to make cyber insurance a critical element of their comprehensive cybersecurity plan.