An empirical analysis of the behavioral influences and information sources affecting the cyber insurance decisions of German SMEs

Purpose - The cyber insurance market in Germany shows a notable gap: while many large corporations are already demanding cyber insurance, small and medium-sized enterprises (SMEs) are still reluctant, despite its benefits. This study aims to analyze the behavioral and informational factors that influence cyber insurance decision-making and uncover the determinants that may inhibit demand among German SMEs. Design/methodology/approach - Using the data from a questionnaire survey of 1,248 German SME executives, the influence of behavioral and informational factors on cyber insurance demand is assessed utilizing logistic regression. Findings - The results reveal that the estimated financial impact and anxiety about a potential cyberattack significantly increase the likelihood of SMEs purchasing cyber insurance. Conversely, the perceived probability of future cyberattacks and prior experience do not significantly influence insurance decisions, probably due to challenges in probability estimation. In addition, confidence in the organization’s cyber risk management has a positive but insignificant influence on cyber insurance demand. External cybersecurity specialists positively impact cyber insurance demand, while internal cyber risk assessment has no significant influence, highlighting the challenges SMEs face in cyber risk assessment. Independent Internet research negatively impacts the purchase of cyber insurance, probably due to information overload. Originality/value - This study significantly contributes to the literature on corporate (cyber) insurance purchasing by primarily focusing on behavioral influences on SMEs’ insurance decision-making. It is also the first empirical analysis of the key information sources used by SMEs in their insurance decision-making, thereby providing various academic and practical implications.