In a recent report by Sophos, a global leader of innovative security solutions for combating cyberattacks, titled “Cyber Insurance and Cyber Defenses 2024: Lessons from IT and Cybersecurity leaders”, it disclosed that there is a widespread adoption of cyber insurance among mid-sized and large organizations.
In the survey, cyber insurance adoption has surged among organizations with 100-5,000 employees, with 90% of these businesses having some form of cyber coverage. The survey, encompassing various sectors and regions, underscores the growing importance of cyber insurance as a crucial element in organizational risk management strategies.
Among companies with less than $50 million in annual revenue, 92% have cyber insurance, while 93% of organizations with annual revenues of over $1 billion also have coverage. Based on adoption rate by sector, the energy, oil/gas, and utility sector boasts the highest rate of cyber insurance at 97% with 68% of these organizations using standalone cyber insurance policies.
Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
This high adoption rate in these industries reflects the stringent regulatory environment and significant potential liability, compounded by the widespread use of legacy technology and infrastructure controls.
On the other hand, the central/federal government sector and the IT, technology, and telecom sectors report the lowest adoption rates, both at 81%. Despite this, over four in five organizations in all sectors surveyed have cyber insurance, highlighting its status as a standard risk management tool.
In terms of countries, Singapore reports the highest adoption rate at 96%, with 68% of organizations having standalone cyber policies. In contrast, Brazil has the lowest adoption rate at 83%. France stands out for having the highest percentage of organizations with cyber coverage at 48%.
Motivations For Cyber Insurance Adoption
The primary driver for adopting cyber insurance is the general awareness of the business impact of cyberattacks and cybercrime, cited by 48% of respondents. Close behind, 45% of respondents view
cyber insurance as a critical part of their cyber risk mitigation strategy.
Additionally, 42% of respondents indicated that cyber insurance enables them to work with clients and business partners who require it, reflecting a growing trend of insurance as a business prerequisite. Board or senior management requests influenced 38% of purchases, illustrating the significant
business impact of cyber incidents.
Regulatory requirements, though the least common driver overall (34%), vary considerably by sector. In IT, technology, and telecoms, 48% of respondents cited regulatory requirements as a factor, compared to 25% in local government and 26% in construction and property.
A striking 97% of organizations that purchased a cyber insurance policy in the past year reported investing in improving their cyber defenses to optimize their insurance position. Nearly two-thirds (63%) made major investments in their cyber defenses, while 34% made minor investments.
Conclusion
The survey confirms that cyber insurance has become a critical component of risk management for organizations across various sizes, sectors, and regions. With high adoption rates and significant investments in cyber defenses, businesses are increasingly recognizing the importance of safeguarding against cyber threats and mitigating potential risks through comprehensive insurance coverage.
Cyber insurance is reportedly now an established pillar in most cyber risk mitigation strategies. By making investments in cyber defenses, businesses can unlock considerable cyber insurance savings, while enjoying reduced likelihood of experiencing any form of cyber attack.