Here’s Why Smaller Companies Could Have Bigger Cyber Claims

By Hana LaRock | Random Thoughts

Oct 27

A data breach doesn’t discriminate based on the size of your company. Making sure you’re protected, therefore, is extremely important. This is more or less the reason why a lot of companies take out cyber insurance to help pay for indirect costs associated with a data breach. While it’s great news that companies are taking security very seriously, it comes at a bit of a shock once you see how much these claims actually cost. And, not only that, but also where those costs are coming from.

A study done by NetDiligence on cyber claims costs tells us a lot of interesting information. Though the larger companies make up a higher total average of claims at six million dollars, it was actually the smaller companies with less than two billion dollars in revenue that represented a higher cost of claims individually. That’s a whopping 87% majority of the all the companies surveyed.

But, why? Why would a smaller company who makes a heck of a lot less than a larger one be claiming more money than their larger-company counterparts?

Here are a few possible reasons.

Fortune 500 Companies Are No Longer the Only Targets

For many years, only Fortune 500 companies and government organizations were the main targets for data breaches. IT teams and managed service providers were still an up and coming career. Those who knew how to prevent hackers were mostly hired to protect large organizations like these. But, times are a changin’, and smaller companies are just as likely to get breached. Particularly, in retail and financial sectors.

Small Companies Aren’t As Aware of Their Exposure

Without putting any of you small-company folks down, these kind of companies just are not as aware of their exposure as much as large companies are. This means that not only are they unfamiliar with how much sensitive information they possess, but how much of that information isn’t safe from attackers.

Resources are Limited

When it comes to smaller companies, there aren’t as many resources available to guard against data breaches. Unlike larger companies, they might have a smaller budget or they may be currently preoccupied with getting their business off the ground or managing their customer relations. During these times, a small company may not realize how vulnerable they are. But, that doesn’t necessarily mean they aren’t protecting themselves. When companies have less resources to invest in IT, they may just put that towards insurance. Hence why we see more claims from small companies.

Overall, Smaller Organizations Have More Incidents

You might wonder why a smaller organization with less to offer hackers would have more incidents than a larger organization. But, believe it or not, the size of your company has both a lot to do and very little to do with it. One thing to note is that hackers don’t really care about the size of your company. If you have important information somewhere in your ne
twork, then you can be a target.

That being said, the fact that you are a small company, in general, may mean you’re not quite up to par with larger companies when it comes to cyber security. That means more incidents can happen, thus leading to a higher cost of claims.

So, where does your company fall in all of this? Smeester & Associates is here to provide you with more information on these topics, so you can make the right decisions for your company.


How low is your fruit hanging? Is that bear about to eat you or the other guy?

Discover how much risk you’re exposed to and get a complimentary RiskAware™ Cyber Security Scan & Report today!