Back To Press Releases

Continuing to Shed Light on Cyber Claim Costs

NetDiligence® Publishes Third Annual Study of Actual Claim Payouts

PHILADELPHIA, October 31, 2013 – NetDiligence®, a leading cyber risk assessment and data breach services company, announced today it has published its third annual Cyber Liability & Data Breach Insurance Claims – A Study of Actual Claim Payouts.

This year’s report summarizes NetDiligence’s findings for a sampling of 145 cyber liability insurance claims, 140 of which involved the exposure of sensitive data. The study examines the type of data exposed, the cause of loss, the business sector in which the incident occurred and the size of the affected organization.

The study also explores the costs associated with Crisis Services (forensics, notification, credit monitoring, and legal counsel), Legal (defense and settlement), and Fines (PCI & regulatory).

“We’re gratified that this study has been so well received by the cyber liability insurance industry,” said Mark Greisiger, president of NetDiligence. “While the dataset underlying this report is still relatively small, every year more insurers participate and more claims are submitted for study. That’s a welcome trend–as the larger the dataset, the more accurate, useful information we can provide to risk management professionals and insurance underwriters.”

Joining NetDiligence in this endeavor are sponsors of this year’s study: AllClear ID, Faruki Ireland & Cox PLL and Kivu Consulting.

Bo Holland, Founder and CEO, indicated that AllClear ID sponsored this year’s study because reducing the crisis management costs of breaches is of utmost importance to cyber insurers and their customers. “This study reinforces our own extensive research with over 30,000 consumers. Too many insurers are using crisis services designed over 10 years ago, whereas AllClearID is focused on a modern response program that better meets the needs of insurers, consumers and regulators.”

Ronald I. Raether, Jr., partner at Faruki Ireland and Cox PLL, discussed his firm’s decision to help underwrite the NetDiligence study. “Our firm has been in the trenches of data breach response since 2005. One issue has been constant – helping clients understand the risks and costs associated with a data breach before, during and after an event. This study has been an invaluable tool in helping clients better understand the true impact of a breach and measuring the success of any response. FI&C is proud to be a part of making sure that this valuable resource continues to be available.”

“As one of the few studies about actual costs incurred, Kivu sponsored this study to improve the conversation about the real-world impact of data breach events,” explained Winston Krone, Kivu Consulting’s Managing Director. “Too frequently, forensic analysis in a data breach is mistakenly considered to be just another remediation stage, rather than a crucial part in mitigating and controlling the overall costs of a data breach, with the potential of determining that no breach has even taken place.”

This year’s study is now available for download at the NetDiligence website ( Additional detailed findings will be published in November 2013 exclusively in the eRisk Hub® ( for the benefit of eRisk Hub licensors and their clients. The eRisk Hub is a web-based cyber risk management portal that helps organizations prevent and recover from data breaches.

About NetDiligence®

NetDiligence® is a cyber risk assessment and data breach services company. Since 2001, NetDiligence has conducted thousands of enterprise-level cyber risk assessments for a broad variety of corporate clients, including well-known names in banking, brokerage, mortgage, insurance, clearinghouse, and other financial service sectors. NetDiligence services are used by leading insurers in the U.S. and U.K. that offer “hacker insurance” for businesses. Insurers like Arch, Chubb, Zurich, Beazley, Hiscox, Aspen, Brit and other Lloyds of London syndicates rely on NetDiligence risk assessments to support both loss-control and educational objectives. Partnerships with these leading cyber liability insurers, along with a time-tested risk management approach (eliminate, mitigate, accept and cede residual risk), make NetDiligence uniquely positioned to help organizations of all types and sizes manage their cyber risk. For more information, visit

About AllClear ID

AllClear ID is the price, service, and product leader in the data breach response industry. We partner with cyber insurers to provide unique solutions that save money and effectively cover data breach events. Our innovative, proactive approach to breach response offers significant cost savings compared to a standard response, while providing better protection to victims, resulting in fewer customer complaints and less brand tarnish. Year-after-year, AllClear ID is recognized for unsurpassed customer service, patented technology and innovative identity protection services. AllClear ID has received 10 international awards for outstanding customer service and maintains an industry-leading 97% customer satisfaction rating. For more information, visit

About Faruki Ireland & Cox, LLP

At Faruki Ireland and Cox, we not only excel at representing you in litigation and resolving the conflicts that threaten your business’s future, but also are working to keep you out of the fight in the first place. We have taken our broad experience in the litigation trenches to help clients strategize, plan and account for information privacy and security requirements as part of their business development and risk compliance functions before an event occurs. Most look at data privacy and security as onerous, expensive compliance burdens. Not us. We develop seamlessly integrated responsible information management practices. Be it HIPAA, GLBA, FCRA, or data breach response planning, accounting for privacy can keep you out of the press, courtroom or regulators’ cross-hairs. Whether before or after an event, let Faruki Ireland and Cox lead you to success. For more information, visit

About Kivu Consulting

Since 2009, Kivu has been providing incident response, forensic analysis and technical remediation in data breaches nationwide. Our findings have allowed organizations to avoid unnecessary notification and reduce their exposure to subsequent litigation. Using inhouse experts and proprietary remote analysis tools, we swiftly and cost-effectively determine if a breach has occurred, determine its size and scope, and provide valuable evidence for responding to regulators, customers and litigants. Kivu is a pre-approved vendor with most cyber-insurance carriers. We have an established record working with the leading breach coaches and law firms handling cyber events. For more information, visit

— # # # —

Download 2023 Cyber Claims Study

The annual NetDiligence® Cyber Claims Study uses actual cyber insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective.


© 2024 NetDiligence All Rights Reserved.