Cyber Facts and FAQs

Find an Agent

An independent insurance agent can help you make the choices that are right for you.


Cyber attacks targeting small businesses are on the rise.

In fact, the largest growth area for targeted attacks in 2012 was businesses with fewer than 250 employees.1

1 Symantec 2013 Internet Security Threat Report.

The average data breach in the United States involves more than 28,000 records.

According to Ponemon's 2013 Cost of a Data Breach Report, the U.S. had an average of 28,765 exposed or compromised records per data breach.

In the United States, data breaches cost almost $200 per record.

The average cost per record of a data breach in the United States is $188, including direct (forensics, hotline support and credit monitoring) and indirect costs (loss of clients, employee time) 2.

2 Ponemon 2013 Cost of a Data Breach Report.

It doesn't take a hacker to cause a data breach.

Contrary to popular belief, nearly half of all data breaches in 2012 were not caused by an outside hacker. Lost laptops, employee mistakes or theft of paper records are often the cause of a data breach.3

3 2012 NetDiligence Cyber Liability and Data Breach Insurance Claims report .

What are the most common ways data gets compromised?
According to Verizon, the most common cyber attacks in 2012 involved network intrusions exploiting weak or stolen credentials (76%), hacking (52%), malware (40%), physical attacks (35%), social tactics or engineering (29%) and misuse or abuse of privileges (13%).1 

Is all cyber insurance the same?
No.  Each insurance policy may be materially different, it is important to work with your agent about tailoring a Travelers cyber insurance policy to fit your needs. Travelers offers superior services backed by our financial strength, underwriting experience and superior claim services.

What standards apply to data privacy?
There are a variety of Consumer Protection Laws and standards in place that address handling private and confidential data of others, including such examples as:

  • 47 State Data Breach Laws
  • USA Patriot Act
  • Children’s Online Privacy Protection Act (COPPA) 
  • Health Insurance Portability & Accountability Act (HIPAA)
  • Health Information Technology for Economic & Clinical Health Act (HITECH Act)
  • Gramm-Leach-Bliley
  • Sarbanes-Oxley
  • Federal Information Security Management Act (FISMA)
  • EU Data Protection Directive
  • California Databreach Protection Act (SB 1386)
  • Payment Card Industry Data Security Standard (PCI-DSS)

What should I do to prepare against cyber risks?
It is the business or organization's responsibility to protect its assets—which includes its data. Including the security of sensitive records and information as a category of managed risk is smart business and cyber insurance is a critical part of your plan that can help mitigate the associated expenses of a cyber attack or data breach.

1 Verizon 2013 Data Breach Investigations Report

Travelers Casualty and Surety Company of America and its property casualty affiliates.
One Tower Square Hartford, CT 06183

This material does not amend, or otherwise affect, the provisions or coverages of any insurance policy or bond issued by Travelers. It is not a representation that coverage does or does not exist for any particular claim or loss under any such policy or bond. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy or bond provisions, and any applicable law. Availability of coverage referenced in this document can depend on underwriting qualifications and state regulations.

©  The Travelers Indemnity Company. All rights reserved.
Connect with usFacebook Twitter YouTube Linkedin