CYE Study Unveils Average Cyber Breach Insurance Coverage Gap is 350%, Amounting to $27.3M Average Uncovered Loss

Findings show accurate cyber risk quantification is crucial for organizations to better understand the potential financial consequences of cyber breaches

TEL AVIV, IsraelApril 17, 2024 /PRNewswire/ — CYE, the industry leader in cybersecurity optimization platforms, today released its Inadequacies in Breach Insurance Coverage: A Data-Driven Gap Analysis study. This report delves into the depths of cyber risk management, unearthing the critical insurance coverage gaps that threaten organizational stability in the wake of cyberattacks.

In an era where digital threats loom larger than ever, businesses are increasingly turning to cyber insurance as a safeguard against the financial ravages of data breaches. Yet CYE’s recent study leveraging external and internal datasets reveals a stark reality: the protection afforded by such insurance may fall significantly short of the actual costs incurred during cyber incidents. Specifically, CYE found that:

  • 80% of insured companies that suffered a data breach did not have sufficient coverage
  • The average coverage gap is 350%, which means that more than 75% of the incident was not covered
  • In some cases, the maximum insurance gap reached 3,000%
  • “Low tech” sectors of accommodation and food services, construction, transportation and warehousing are among the more adequately covered ones, while sectors like finance and insurance, information and manufacturing present well beyond a 100% gap in coverage

“Many organizations are aware of cyber risk, but do not fully comprehend what the potential cost could be if they are breached,” said Nimrod Partush, Vice President of Data Science at CYE. “This study underscores how many companies rely on cyber insurance to cover the losses incurred as a result of cyber incidents and are then taken by surprise when they find that their insurance only covers a small portion.”

The study concludes there’s a pressing need for more accurate cyber risk quantification so that organizations can prepare for possible cyberattacks with their eyes open. Performing accurate CRQ assessments not only provides a more realistic estimate of damages, but also enables optimal mitigation planning and cyber budgets with high ROI, allowing organizations to avoid breaches altogether.

Download the full report here.

Please visit CYE at booth 5173 at the RSA Conference in San Francisco next month, where they will showcase their cutting-edge cyber risk quantification solution and engage in key industry discussions.


Drawing from an extensive pool of internal and external data breaches recorded in CYE’s dataset, this study analyzed a total of 101 incidents across various sectors containing breach coverage figures. The focus sharpened on sectors notably vulnerable to cyber threats: finance and insurance, manufacturing, and information. Through meticulous examination, the analysis revealed the disparities between insured and uninsured exposures, offering unprecedented insights into the financial aftermath of cyber incidents.

The full original article could be found here: