Analysis using Advisen Cyber Data Set shows smaller organizations face sharply higher costs from cyber incidents than large enterprises


Image: Cyber risks impact greater on SMEs says Photo: Courtesy of Pete Linforth/Pixabay

Cyber risks are far more costly events for small and medium-size enterprises than for larger organizations, according to a recent analysis by, provider of the leading end-to-end cyber risk analytics and insurance platform.

Arceo’s analysis, conducted using the extensive Cyber Loss Data compiled by Advisen Ltd., is detailed in a new cyber risk report. The analysis resulted in several startling conclusions about the impact of cyber events on small and medium-size enterprises (SMEs), including:

Incident costs are higher. The financial loss per incident, as a percentage of revenue, was nearly 70 times higher for SMEs compared with larger entities. Arceo’s research defines SMEs as organizations with 1,000 or fewer employees.

Revenue loss is greater. The average percentage of revenue that SMEs lost in each cyber incident was 3.4%, vs. 0.05% for organizations of all sizes.

Litigation follows quickly. When an organization discloses a data breach, 96% of the lawsuits relating to the breach are filed within 30 days.

Dr. Ann Irvine, head of data science at Arceo, led the analysis. “News coverage of massive data breaches can make cyber incidents seem as though their impact is mainly on large corporations. Our research showed that small and medium-size organizations are disproportionately burdened by cyber incidents,” Irvine said. “Arceo believes this latest analysis emphasizes how important it is for businesses and the cyber insurance industry to gain a clear picture of cyber risk by using data, thoughtful and appropriate analytic techniques, as well as domain expertise to interpret the results.”

Source: Company Press Release