Proactive cyber insurance can save SMEs thousands in outsourced security costs

CFC analysis demonstrates value of proactive cyber protection insurance policies.

Cyber News 4 min Thu, Jul 25, 2024

CFC, the specialist insurance provider, pioneer in emerging risk and market leader in cyber, has revealed the results of some detailed analysis of the cost to SMEs(*1) for deploying cybersecurity services.

CFC’s proactive cyber team reviewed a number of actual cyber security solution costs(*2) from a range of third party providers to calculate the cost to an SME of outsourcing these services. The team examined the same range of security measures to those currently provided for free by CFC to policyholders covered by its proactive cyber capabilities. These include phishing protection, external vulnerability management, external asset discovery, threat intelligence, zero-day vulnerability discovery and real-time cyber expert service.

The results of CFC’s study revealed that the average monthly cost to an SME to outsource all these services amounted to $6,412 equating to an annual spend of $76,967.

This does not include any estimation of the cost to a business of the time required by its own team to install, update or manage any technology or software as part of any outsourcing arrangement.

“It’s a well known-fact that the biggest problem that brokers face when it comes to selling cyber insurance is price,” says Jason Hart, Head of Proactive Insurance at CFC. “This is where the real value of our proactive cyber insurance cover for SMEs becomes clear. Not only do they get a promise to pay should a cyber event occur but, more importantly, they get a promise to protect their business. Using unique insights from threat intelligence feeds, the dark web, network scanning and our own real-life claims data, we identify potential threats and alerts customers before an event happens.”

Every CFC cyber policyholder benefits from these award-winning proactive services as standard from the moment their policy binds with no need to install any technology, no need for internal cyber security expertise, no need to translate technical information into day-to-day business language and no need for regular system updates.

“The average value of a ransomware demand is around $190,000(*3) – yet the typical cost of our cyber insurance to an SME is only $4,800(*4) and includes all the proactive security and alerts we provide,” Hart concludes: “I would urge brokers to position our proactive cyber insurance as not just a financial safety net to their clients, but as a shield that provides real value and can address the security gap that many small to mid size businesses have.”

Read more about CFC’s market-leading cyber proposition here.

*1 SME defined as companies up to 100 employees

*2 Costs based on current pricing data provided by various cyber security service providers in June 2024

*3 From CFC’s ransomware calculator, based on a Professional Services SME with 100 employees

*4 Costs based on CFC data when defining SMEs as companies up to 100 employees