While cyber is one of the fastest growing risks for companies, businesses are only protecting 12% of those assets. (Photo: Shutterstock)

A new report concludes that companies of all sizes are advised to consider cyber threats as one of the fastest growing risks, with information technology (IT) assets often as valuable as their property assets. 

The 2015 Global Cyber Impact Report, independently conducted by the Ponemon Institute  and sponsored by Aon, identifies the financial impact of cyber incidents compared to tangible asset vulnerabilities. The global study, which surveyed more than 2,200 companies in 40 countries, found that while cyber is one of the fastest growing risks for companies, businesses are only protecting 12% of those assets compared to 51% of tangible property assets, leaving IT assets 39% more exposed than property assets.

Additional key findings:

  • Information assets are underinsured against theft or destruction based on the value, Probable Maximum Loss (PML) and likelihood of an incident occurring, even though PML can exceed $200 million.
  • 52% of respondents believe their companies’ exposure to cyber risk will increase over the next 2 years, but only 19% of respondents say their company has cyber insurance coverage with an average limit of $13 million.
  • Exposure to cyber risk is expected to increase, but 54% of respondents say there is no plan to purchase cyber insurance.
  • 37% of companies surveyed experienced a material or significantly disruptive security exploit or data breach one or more times in the past 2 years and the average economic impact of the event was $2.1 million.
  • Awareness of the economic and legal consequences from an international data breach or security exploit is low.
  • While system or business process failures where the most often cited as the cause of a data breach or exploit, only 33% of respondents say these incidents are covered by their cyber insurance.
  • 5 years from now the projected growth in the use of Internet-connected devices will grow from 10 to 50 billion.

 What are the main reasons companies gave for not purchasing cyber security insurance?

  • 31% – coverage is inadequate based on the exposure
  • 29% – premiums are too expensive
  • 26% – property and casualty policies are sufficient
  • 26% – there are too many exclusions, restriction and uninsurable risks

 Download the full report by visiting, Aon Report: 2015 Global Cyber Impact.