A new study released this week highlights the extreme cyber coverage gap that exists.

The startling findings indicate the average coverage gap is 350 percent, which means that more than 75 percent of the incident was not covered and equates to an approximately $27.3 million average uncovered loss, according to the study, “Inadequacies in Breach Insurance Coverage: A Data-Driven Gap Analysis,” released by cybersecurity optimization platform provider CYE.

Of the insured companies that suffered a data breach, 80 percent did not have sufficient coverage, the study found.

In some cases, the maximum insurance gap reached 3,000 percent.

“Low tech” sectors of accommodation and food services, construction, transportation and warehousing were among the more adequately covered ones, while sectors like finance and insurance, information and manufacturing present well beyond a 100 percent gap in coverage, the analysis found.

“Many organizations are aware of cyber risk, but do not fully comprehend what the potential cost could be if they are breached,” said Nimrod Partush, vice president of Data Science at CYE. “This study underscores how many companies rely on cyber insurance to cover the losses incurred as a result of cyber incidents and are then taken by surprise when they find that their insurance only covers a small portion.”

The study indicates the need for more accurate cyber risk quantification so organizations and insurers can be better prepared if a cyberattack occurs.

“Performing accurate CRQ assessments not only provides a more realistic estimate of damages, but also enables optimal mitigation planning and cyber budgets with high ROI, allowing organizations to avoid breaches altogether,” study authors said.

The study also highlights the hidden costs of cyber breaches, such as loss of intellectual property, class action lawsuits arising from compromised personal information, regulatory fines and more.

The study analyzed a total of 101 incidents across various sectors containing breach coverage figures.

The focus sharpened on sectors vulnerable to cyber threats: finance and insurance, manufacturing and information.