Decode Cyber Brief: Employee negligence, malfeasance attributable to more than half of cyberinsurance claims

March 1, 2018


It is with much excitement that we present our Decode Cyber Brief. Last winter, we introduced the inaugural Willis Towers Watson “Reported Claims Index,” a sampling of cyber claims representing different industries, incidents, severity and loss amounts of a five-year period. Because cyber threats are dynamic, we have concluded that, to provide our clients with critical insights on claim trends, there is greater value in analyzing the data annually. To that end, for this edition, we have aggregated and analyzed data from approximately 225 cyber claims that we reported to insurers on behalf of our clients during 2017.

As shown in the chart below, the human element remains an overwhelming cause of cyber risk, with a staggering 58% of the claims included in this year’s Reported Claims Index directly attributable to employee negligence and/or malfeasance (see chart). Significantly, the percentage of hacking claims was 23%, which can be attributed to a number of factors, including: (1) increased sophistication of hackers; (2) failed technology; and (3) human error, such as the failure of an employee to deploy available patches (e.g., WannaCry incident). The consistent and important observation in all of the claims remains that, while technology is a critical component of cyber risk management, the crux of the majority of these claims is human error. As such, in addition to improving technology defenses and risk transfer strategies, organizations are advised to continue allocating sufficient capital to employee training and talent strategies (to address skill-related vulnerabilities) in order to drive a cyber-savvy workforce and resilient enterprise.

Willis Towers Watson Reported Claims Index

Type Percentage
Employee negligence or malfeasance-Accidental/Lost/Rogue 58%
Hack 23%
Social Engineering 10%
Denial 7%
Unknown 2%

The articles in this edition cover some of the recent and emerging cyber trends, which are supported by the Reported Claims Index. Please enjoy our Decode Cyber Brief and, as always, we look forward to your comments and feedback.

Table of contents

Related solution

Contributing editors



Could organizations deemed ‘too big to breach’ face more stringent cyber regulations? Emerging cyber risk: Intellectual property theft Estimating business interruption loss due to a cyberattack: Best practices Here comes the next wave of cyberinsurance buyers Software as a service, ‘Internet of Things’ supercharge risk for technology companies