Back To Press Releases

NetDiligence® Releases Latest Study on Cyber Claim Costs

Publishes Sixth Annual Study of Cyber Claim Payouts

PHILADELPHIA, October 17, 2016 – NetDiligence®, a leading cyber risk assessment and data breach services company, announced today it has published its sixth annual Cyber Claims Study, a study of actual losses for data breach events covered by leading cyber liability insurance carriers.

This year’s report summarizes NetDiligence’s findings for a sampling of 176 cyber liability insurance claims, 163 of which involved the exposure of sensitive data. The study examines the type of data exposed, the cause of loss, the business sector in which the incident occurred and the size of the affected organization. The study includes analyses on claims due to third-party breaches and claims due to insider involvement, both accidental and malicious. This year’s study also includes new analyses on cloud involvement, cyber extortion/ransomware, phishing and POS-related claims.

The primary focus of the study is the costs incurred by underwriters due to cyber claim events, including Crisis Services (forensics, notification, credit/ID monitoring and legal counsel/Breach Coach®), Legal (class action lawsuit defense and settlement), Regulatory (defense and settlement) and PCI (fines).

This year’s study finds the average total breach cost was $665K, with an average payout for Crisis Services of $357K. The average claim for a large company was almost $6 million. The average claim in the Financial Services sector was $1.8 million, while the average claim in the Healthcare sector was $717K.

“As an independent and trusted partner to the cyber liability insurance industry, NetDiligence is uniquely positioned to combine data from multiple insurers so that the pool of claims is large enough to ascertain real costs, project future trends and better educate concerned Risk Managers and CFOs,” said Mark Greisiger, president of NetDiligence. “We are honored that our cyber liability insurance carrier and broker partners share a sampling of their loss data with NetDiligence. Without them, the valuable insights this educational study provides would not be possible.”

Sponsoring this year’s NetDiligence Cyber Claims Study are AllClear ID, RSM, Cipriani & Werner, P.C., and Symantec Cyber Insurance.

AllClear ID is a platinum sponsor of this important industry study for the third straight year. According to Bo Holland, founder and CEO, “The cyber threat landscape today is constantly evolving, and businesses need to be ready to respond in advance of a data breach if they want to have a successful response. To do this, understanding the costs associated with breach events is critical. The insight into claims costs this study provides will enable businesses and industry partners to plan for breaches more effectively and better mitigate financial risk.”

The NetDiligence® 2016 Cyber Claims Study is available for download at the NetDiligence website ( eRiskHub® licensors and their clients have exclusive access to an expanded version of the study in the eRiskHub (

Media Contact:
Mark Greisiger
President, NetDiligence®
[email protected]

— # # # —

About NetDiligence®
NetDiligence® is a cyber risk assessment and data breach services company. Since 2001, NetDiligence has conducted enterprise-level cyber risk assessments for a broad variety of organizations, including public entities, financial services, retailers, software developers, medical providers and universities. NetDiligence services are used by leading cyber liability insurers to support loss-control and education objectives. The NetDiligence eRiskHub® ( is licensed by a majority of cyber liability insurers to provide educational and loss-control services to their policyholders. NetDiligence also publishes an annual Cyber Claims Study and hosts annual Cyber Liability Conferences in Philadelphia, Santa Monica and Toronto. For more information, visit

About AllClear ID
AllClear ID is the leader in customer security, providing data breach response services to businesses that aim to protect their greatest asset: customers. As an industry leader and trusted partner with more than 10 years of specialized experience in data breach response, AllClear ID has helped thousands of businesses prepare for, respond to, and recover from data breaches, including successfully managing three of the four largest and most complex breach responses in history. The award-winning AllClear ID team is recognized for its expertise, customer service, and innovative solutions. Learn more:

About RSM
RSM US LLP (formerly McGladrey LLP) is the leading provider of audit, tax and consulting services focused on the middle market, with 9,000 people in 86 offices nationwide. It is a licensed CPA firm and the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with more than 38,300 people in over 120 countries. RSM uses its deep understanding of the needs and aspirations of clients to help them succeed. For more information, visit

About Cipriani & Werner
Cipriani & Werner, P.C. delivers an end-to-end, integrated approach to its clients’ privacy and data security needs.  Clients of this Mid-Atlantic litigation defense firm benefit from our team of professionals that includes experienced litigators, leaders in crisis communications, forensic IT assessment and mitigation, regulatory compliance and government relations offering services including corporate and IT audits and risk assessments, development of breach response plans, our breach response team and litigation defense.  Our clients appreciate the simplicity and certainty of having a single point of contact with a trusted team that has served the insurance industry for more than three decades. For more information, visit

About Symantec Cyber Insurance
Symantec Cyber Insurance ( provides a robust analytics platform for underwriters, portfolio managers, risk analysts and actuaries to measure cyber risk leveraging the power of Symantec’s cyber security intelligence and enable their customers to improve resiliency against emerging cyber attacks. Symantec’s cyber security intelligence is being used by global insurance leaders to optimize their portfolios and accurately quantify as well as price cyber risk. Symantec Corporation (NASDAQ: SYMC) is the global leader in cyber security. Operating one of the world’s largest cyber intelligence networks, we see more threats and protect more customers from the next generation of attacks. We help companies, governments and individuals secure their most important data wherever it lives.

Download 2023 Cyber Claims Study

The annual NetDiligence® Cyber Claims Study uses actual cyber insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective.


© 2024 NetDiligence All Rights Reserved.