Guide to Cybersecurity Insurance: Why Your Organization Needs It

Global cyberattacks increased 75% year-over-year in the third quarter of 2024.[1] How much did those attacks cost? The average cost of a single data breach was $4.48 million.[2] In the U.S., the total cost of cybercrime in 2024 was $452.3 billion.[3]
Cybercrimes and fraud not only impact a corporation’s bottom line, but also its operations, intellectual property, customer relationships and reputation. Attacks can happen to organizations of any size in every industry. Corporations can’t afford to be unprepared or unprotected. So, cybersecurity insurance and fraud insurance are smart investments.
“Fraud is a universal problem,” says Chad Parramore, executive director and head of product commercialization for the Synovus Treasury and Payment Solutions team. “There’s so much risk of exposure. Businesses need to understand what’s required, not only to keep their platforms secure, but also to absorb the cost of an actual attack,” Parramore says.
If you are considering corporate insurance to cover cyberattacks or fraud, ask questions to understand what’s covered and whether a particular policy will adequately meet your organization’s needs.
What are the most common types of fraud schemes targeting corporations?
Fraudsters are creative but usually repeat scams that have been successful in the past. Phishing, malware/ransomware and denial of service attacks are among the most common cybercrimes against businesses, although new schemes are increasing.
- Phishing: This is a business email scheme (BEC) that attempts to lure employees into sharing confidential information or downloading a malicious file. “Spear phishing” targets individual employees, while “whale phishing” targets senior executives. “Smishing” (fraudulent texts) and “vishing” (fake voicemails) are variations of the scheme that use different communication tactics.
- Spoofing: Scammers pose as a trusted source seeking to obtain money or sensitive information from recipients. Spoofing involves various methods of communication that are falsified, such as caller IDs, email addresses, geolocations, IP addresses and network devices’ media access controls.
- Malware: Malware, short for “malicious software,” is designed to damage or disrupt networks, servers, computers and devices. Malware is usually delivered via pop ups, embedded links, email attachments or downloads. Examples include trojans, viruses, worms, spyware and adware.
- Ransomware: This is a form of malware that encrypts and disables access to devices and data until the victim pays the fraudster. Payment doesn’t guarantee the criminal will restore access or prevent selling the data.
- Data compromise: Also known as “data breaches,” these attacks involve unauthorized access to confidential information such as health records, social security numbers, financial records or passwords. Thieves often sell the data on the dark web.
- Denial of service (DoS): These attacks flood a network with illegitimate requests, overwhelming its capacity to the point of failure. Political beliefs, business competition or anger towards a company may trigger DoS attacks.
- Supply chain attacks: Fraudsters target your vendors’ and suppliers’ data to access your networks and/or data. Their goals may be to disrupt operations, steal proprietary information, ransom data, or facilitate further attacks.
- Generative AI (Gen AI) fraud: Often used to create deceptive content that appears real, this type of fraud includes video, text or voice cloning. Falsified documents, social media posts and images are designed to trick employees into participating in investment or other financial schemes.
Corporations and government agencies are also susceptible to occupational fraud. Misappropriation, financial statement fraud and corruption are among the most frequent types of internal theft.
Which five industries are most vulnerable to cybercrime?
No organization is immune to cyberattacks or internal fraud. However, some are more frequently targeted because of the data they collect and store.
- Education: Weekly attacks against schools, universities and educational departments rose 75% last year from the previous year.[4] High volumes of personal information make these institutions attractive to fraudsters.
- Government: Governmental agencies are among the top three industries experiencing attacks. In 2024, weekly attacks increased 43% from the prior year. As with the education and healthcare sectors, ransomware is usually the attack of choice.[5]
- Healthcare, insurance and financial services: Due to the sensitive data they store, these organizations are among the top targets for ransomware. In 2024, healthcare data breaches affected 53% of the U.S. population.[6] Healthcare breaches also incurred the highest costs. Financial services and insurance were the second most often attacked, with the second-highest average cost per breach.[7,8]
- Industrial (including manufacturing, chemical processing and engineering): Industrial organizations saw the highest increase in breach costs – third after healthcare and financial services.[9] Manufacturing was the target of 26% of attacks, of which 96% were for financial gain and 4% for corporate espionage.[10]
- Retailers: In 2024, 25% of attacks against retailers were criminals in search of payment card data, including e-commerce skimming.[11]
Occupational fraud most often occurs in Financial Services/Banking, Manufacturing, Government and Public Administration, and Healthcare.[12]
What does cybersecurity insurance and fraud insurance coverage include?
Fraud detection and prevention are the best proactive measures. However, even the most sophisticated networks, systems and devices can fall prey to deception and cybercrime. Fraud insurance and cybersecurity insurance offer a hedge against losses when incidents occur.
Fraud insurance protects corporations against occupational fraud. In 2024, the Association of Certified Fraud Examiners reported $3.1 billion in global losses from crimes committed by employees against their employers. The association also estimates corporations lose 5% of revenue to internal scams every year.[13]
Cybersecurity insurance is geared toward external fraud such as data breaches and other digital crimes. In the U.S., the total cost of cybercrime is expected to reach $1.82 trillion by 2028.[14]
These two types of coverage are specific as to the incidents they include.
| Criteria | Cybersecurity Insurance | Fraud Insurance |
| --- | --- | --- |
| Focus of Risk | Protects against financial losses from cyber threats, data breaches, hacking, cyber extortion and other digital risks. | Protects against financial losses from criminal acts like employee theft, forgery and embezzlement. |
| Scope of Coverage | Investigation, legal, business disruption, recovery, third-party damages. | Financial losses from criminal acts, stolen assets and employee dishonesty. |
| Fraud Examples | Data breach, ransomware or other malware attack. | Funds transfer fraud, employee theft, document forgery. |
| Coverage Types | Cyber liability insurance, data breach insurance, network security insurance. | Fidelity insurance, forgery insurance, employee dishonesty insurance. |
| Overlap | May cover social engineering and funds transfer. | Fraud insurance can cover cyber-related financial crimes but isn’t limited to these. Covers a broader range of traditional financial crimes. |
Depending on the types of fraud your corporation is most susceptible to, you may need both types of coverage, and they could overlap.
Who does cybersecurity or fraud insurance cover?
Most policies are written as first-party insurance or third-party insurance. First-party insurance covers direct losses to the corporation. For example, cybersecurity insurance for corporations would include losses and costs related to:
- Data and system recovery and repair
- Extortion and ransomware claims
- Reputation management
- Security and network consulting
- Customer notification fees
Third-party insurance, on the other hand, covers corporations for liability to others, including customers, shareholders, vendors, partners and financial institutions. These liabilities could include:
- Damages and settlements
- Regulatory fines
- Legal defense
When considering cybersecurity insurance or fraud insurance, corporations should work closely with an experienced agency or financial partner to determine the most appropriate coverage.
Does cyber insurance or fraud insurance cover PCI DSS?
If your organization processes, shares or stores cardholder data, it must meet the Payment Card Industry Data Security Standard (PCI DSS). Cybersecurity insurance policies may cover vulnerability assessment costs, fines and penalties related to PCI DSS, as well as liability for cardholders or other claims caused by a card breach. Fraud insurance doesn’t usually cover PCI DSS.
What isn’t covered by cybersecurity insurance or fraud insurance?
Insurance carriers are specific about what policies cover. In some instances, you might not qualify for coverage. For example, insurance carriers will typically require organizations to have established security processes and procedures to qualify for cybersecurity insurance. However, if your organization’s security standards are outdated or poorly implemented, a policy may not cover your losses. Other non-covered items include:[15]
- Previous breaches
- Costs to improve technology systems, including new applications and hardening security systems
- Insider attacks or employee sabotage
- Failure to repair known vulnerabilities
- Unrepaired vulnerabilities
- Infrastructure failures that cyberattacks didn’t cause
Fraud insurance also comes with coverage restrictions – the most important of which is deceptive acts the policyholders commit themselves. These might include withholding information or providing false information to receive lower premiums, filing false claims, or intentionally causing fraud incidents.
Cybersecurity insurance and fraud insurance should work in tandem with corporate insurance that encompasses such liabilities as errors and omissions, business interruption, and bonding (if applicable). The types of insurance may overlap. Discuss with your broker how your corporation’s overall insurance portfolio will work to cover losses.
How much does cybersecurity insurance cost?
Businesses spent between $1,200 and $7,000 on cybersecurity insurance in 2024, with a median cost of $2,000 per year.[16] However, coverage costs depend on various risk factors:
- Your industry
- Type of data
- Number of clients/customers or patients
- Corporate revenue
- Security protocol
- Claims history
Consider the types of fraud that your organization may encounter, who and what will be affected, and the costs to cover damages and/or resume operations. Discuss these criteria, as well as coverage limits, when meeting with insurance carriers.
Protect your organization from losses.
Cybercrimes and fraud can incapacitate your organization. As attacks increase in complexity and frequency, it’s important to be proactive in safeguarding your data, customers, employees, shareholders and reputation.
“Our clients wisely anticipate business risks and prepare to protect the people and organizations that may be impacted,” Parramore says. “Recovering from a data breach, malware attack or internal fraud can be difficult. While investing in insurance could be expensive, it is nothing compared to the damages and costs an organization suffers after an incident.”
Synovus helps our clients successfully prevent cybercrime and mitigate fraud, and can assist with assessing risks, as well as identifying an appropriate insurance partner. If you’d like more information, complete a short interest form. A Synovus Treasury & Payment Solutions Consultant will contact you with details. You can also stop by one of our local branches.
Important disclosure information
This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.
1. Check Point, “A Closer Look at Q3 2024: 75% Surge in Cyber Attacks Worldwide,” October 18, 2024
2. IBM, “Cost of A Data Breach Report,” July 2024
3. Statista, “Estimated Annual Cost of Cybercrime in the United States from 2017 to 2028,” February 3, 2025
4. Check Point, “The State of Cyber Security 2025: Top Threats, Emerging Trends, and CISO Recommendations,” 2025
5. Ibid
6. HIPAA Journal, “The Biggest Healthcare Data Breaches of 2024,” January 7, 2025
7. Syteca, “The 7 Industries Most Vulnerable to Cyberattacks,” March 2024
8. IBM, “Cost of A Data Breach Report,” July 2024
9. Ibid
10. Syteca, “The 7 Industries Most Vulnerable to Cyberattacks,” March 2024
11. Verizon, “2024 Data Breach Investigations Report”
12. Association of Certified Fraud Examiners, “Occupational Fraud 2024: A Report to the Nations®,” 2024
13. Ibid
14. Statista, “Estimated Annual Cost of Cybercrime in the United States from 2017 to 2028,” February 3, 2025
15. Trend Micro, “What is Cyber Insurance?,” 2024
16. Embroker, “How Much Does Cyber Insurance Cost in 2025?,” February 4, 2025