We've all read or heard about the many data breaches and cyber "incidents" in the news, including Sony, the U.S. government's Office of Personnel Management, and several airlines. To put those data breaches—a more accurate term than cyber attacks—in perspective, Tim Francis, Enterprise Cyber Lead, Travelers, speaking at a recent cyber media event, "Hacked: The Realities of a Cyber Event," held Oct. 1 in Washington, D.C., provided an overview of the threat landscape. He explained that according to the Symantec Internet Security Report, there are 34,529 known computer security penetration incidents per day. Not all the incidents result in the theft of personally identifiable information but the huge numbers are troublesome.

The panel, moderated by Joan K. Woodward, President, Travelers Institute and Executive Vice President, Public Policy, also included

• Tom Finan, Senior Cybersecurity Strategist and Counsel, U.S. Department of Homeland Security
• Chris Hauser, 2nd Vice President, Cyber Fraud, Travelers Investigative Services and former FBI agent responsible for cyber investigations
• John Mullen, Managing Partner, Lewis Brisbois Bisgaard & Smith LLP, and Chair, U.S. Data Privacy & Network Security Practice
• Melanie Dougherty-Thomas, Managing Director, Crisis Communications Management, Inform

The panelists agreed that small to mid-sized businesses are the most vulnerable, and one successful attack can shut those businesses down completely. But what types of claims are the most common and what do they really cost?

Travelers' cybersecurity experts have developed common cyber claims scenarios across five industries, as shown in the following pages. The costs add up quickly, often reaching more than $1 million.