Why All Small Businesses Should Consider Cyber Insurance

By Connie Glover, Senior Marketing Manager

See why small businesses are at risk and need cyber insurance now more than ever.

Small and medium-sized businesses (SMBs) are a very attractive target for cybercriminals. In recent years there have been many studies and reports proving the rise of cyberattacks launched at SMBs—one shows almost 45% of threats are aimed at SMBs[1]—and 88% of small businesses in one study believe their business is subject to an attack. Yet only a fraction of small businesses report having cyber insurance. One report indicated that 83% of respondents indicated they do not carry cyber insurance.

Why? One reason is that many believe they are immune to cyber threats, believing threat actors primarily go after the bigger fish. Another is that insurance companies are becoming more risk averse, and therefore cyber insurance is becoming harder to get.

Going forward, it’s going to be a new world in terms of how threat actors target SMBs and even big businesses. Cyber insurance is an important investment to consider when looking at the list of cybersecurity services you’re considering implementing to safeguard your company. Here’s why.

SMBs are a Huge Target

If the above statistics aren’t convincing enough, there’s more. According to Security Magazine, there has been a whopping 600% increase in phishing since February 2020, and 67% of businesses have experienced an IoT-related security event[2].

Furthermore, the COVID-19 pandemic shattered previous records in terms of cybersecurity attacks, especially with the widespread remote work structure that was necessitated by the shutdowns. Threat actors exploited the pandemic to trick victims using a combination of stealth attacks and social engineering. Many fell victim to these ruses, and they are likely going to persist as an issue as cybercriminals come up with additional illicit and lucrative ways to exploit SMBs. Companies that invest in cyber insurance transfer residual risk and give themselves extra protection.

What Losses Should Cyber Insurance Cover?

In the event of a cybersecurity event, cyber insurance can help to mitigate some of the costly issues that accompany a data breach or other incident. Potential losses from common cyber threats include:

  • Cyber Extortion
  • Social Engineering
  • Business Interruption
  • Virus Transmission
  • Liability Implications

Many SMBs don’t’ fully understand how cyber insurance works. Unfortunately, many insurance brokers that sell liability policies to SMBs don’t know a lot about the actual advanced technologies involved. This often results in policies being sold that have “exclusions or situational clauses” that prevent SMBs from receiving a payout[3]. It’s important to connect with a cybersecurity service provider who understands your risk factors and the type of cyber insurance coverage you need.

Risks of Not Investing in Coverage

The risks of not obtaining coverage are significant. With phishing and ransomware growing at an exponential rate, it’s likely not a question of “if” but “when”your business suffers a cyberattack and/or data breach. What would happen if you had to absorb the regulatory and government fines (often steep!),forensics, investigation expenses, and all of the other costs out of your company's budget? Chances are the extent of money needing to be paid out would be devastating. Cyber insurance could help shelter your company from extensive costs.

Other Factors SMBs Should Consider

Today’s SMBs need to ensure they invest in the appropriate amount of cybersecurity coverage that covers the risks they face. Not all policies appropriately cover hacks and breaches and many policies have specific exclusions, which could be problematic. Partnering with a service provider that understands cybersecurity protection and cyber liability insurance is a worthwhile investment. These providers understand how to mitigate technology risks to make certain your company faces the fewest risks possible and can match you with the correct level and type of insurance.

Small companies are a prime target for cybercriminals because they know these entities don’t have the large IT budgets or a full staff to manage cybersecurity. Many SMBs think they’ll fall under the radar of threat actors, but statistics are consistently showing this is definitely not the case.

Looking for cyber insurance? Trava’s coverage limits range from $100,000 to $10 million. Our team can help you find the right policy and amount of coverage. Contact Trava today.

To learn more about the top 10 things you can do to protect your data, download our infographic.

Insurance brokers, let Trava uncover cyber risks and help patch them before you write a policy.


[1-3]Norlin,Chase, The integration of small businesscybersecurity protection and cyber insurance: An emerging trend in 2021, March4, 2021, Security Magazine, retrieved Sep. 17, 2021,

Hubschmid, Fabi, How to Protect Your Small Business from Cyber Threats, Jun 2, 2021, Forbes, retrieved Sep 17, 2021

Lifshitz, Afas, Stand Alone Together: Why SMBs Need Standalone Cyber Cover, Apr 5, 2021, Insurance Journal, retrieved Sep 17, 2021