In the German industry, the market for cyber insurance is growing: every seventh industrial enterprise (14 percent) has already taken out insurance against digital industrial espionage, sabotage, or data theft. Two years ago, it was only 11 percent.  cyber insurance

This is the result of a study by the digital association Bitkom, for which 503 managing directors and security officers across all industrial sectors were interviewed in a representative manner. Specifically, another 13 percent of industrial companies are planning to take out such insurance. Almost a third (30 percent) discuss such a project. For four out of ten companies (38 percent), a cyber policy is still not an issue. “Cyber ​​insurance can be a useful addition to risk management, but it does not replace robust IT security,” says Susanne Dehmel, Member of the Bitkom management. “Only those who are well prepared for IT security can also be considered as policyholders.”

Large companies are more likely to insure against cyberattacks than SMEs cyber insurance

Especially large companies dealing with cyber insurance. One-third of companies with more than 500 employees (32 percent) have already insured against digital attacks. Nearly a quarter (23 percent) of medium-sized companies have between 100 and 499 employees and only one in 10 industrial enterprises (10 percent) has 10 to 99 employees.

When it comes to assessing how cyber insurance has paid off, the industry is divided. For three out of ten (28 percent) businesses that have been hit by digital attacks in the last two years and have cyber insurance coverage, the policy has paid off. “Cyber ​​attacks can hit anyone, no matter how well a company is protected,” said Dehmel. “Companies and insurers should clearly define

Cyber ​​insurance can take over the costs of repairing IT systems or restoring data after attacks. As a rule, damage that occurs in the event of a business interruption is also covered. In addition to external attacks, operating errors by employees or technical faults are also covered, depending on the policy. Companies can also hedge against their own privacy violations.