NetDiligence® Shares Unprecedented Insights into the Rising Tide of Cyber Risks

Thirteenth Annual Cyber Claims Study

Philadelphia, PA (Oct. 31, 2023) – NetDiligence®, a leader in cyber risk readiness and response solutions, is proud to announce the release of its highly anticipated thirteenth annual Cyber Claims Study. This comprehensive report delves into real-world data breaches and cyber-related incidents covered by leading cyber insurance providers. Sponsoring this study are RSM, Experian, Bitsight, and Constangy, Brooks, Smith & Prophete, LLP.

This year’s study analyzes 9,000 claims spanning the period from 2018 to 2022, with 800 claims from 2022 alone. These claims span a broad financial spectrum, from under $1,000 to more than $400 million in costs, involving organizations across seven revenue groups, 18 diverse business sectors, 25 causes of loss, and 13 types of compromised data.

The data has been aggregated in over 20 different ways, including crisis, legal, business interruption, recovery, and total incident costs; the nature of the event, type of data exposed, business sectors affected, revenue size of claimants, and causes of loss, including the impact of ransomware.

Findings in this report are presented separately for small to medium enterprises (SMEs) and large companies. This year’s analysis spotlights the escalating financial challenges faced by SMEs in the wake of modern day cyberattacks.

While the average cost of cyber incidents for SMEs showed a slight dip from 2021 to 2022, the average ransom demand for SMEs increased from $514,000 to $555,000 during the same period. Large companies, on the other hand, experienced a significant average incident cost of $13.8 million across all incident types.

In 2022, criminal activity accounted for a staggering 95% of cyber insurance claims from SMEs–a figure that has been steadily on the rise since 2018. The average costs incurred by SMEs for claims stemming from non-criminal activity more than tripled, increasing from $177,000 in 2021 to $433,000 in 2022.

Mark Greisiger, president of NetDiligence, remarked, “We want to thank our cyber insurance partners, whose participation in the study allows us to offer these insights. It is genuinely eye-opening to witness the profound financial ramifications of cyberattacks on SMEs. This year’s report reveals over 500 cyber claims from SMEs that exceeded $500,000 in total costs, with business interruption alone averaging $370,000. Organizations are often inadequately prepared to weather the potential financial storm brought about by cyber incidents.”

Greisiger went on to explain, “These trends underscore the urgent need for organizations of all sizes to proactively establish comprehensive incident response plans and other baseline security measures to mitigate both the financial and operational repercussions of data breaches and cyberattacks.”

NetDiligence’s new Cyber Claims Study offers a unique and sobering look into the evolving landscape of cyber risks, providing critical insights and intelligence for organizations navigating this challenging terrain.

To download the full report and dive deeper into these findings, click here.


NetDiligence Cyber Claims Study 2023 Infographic

Study findings will be presented at the NetDiligence Cyber Risk Summit in Beverly Hills, California. More in-depth coverage of findings, along with front line insights from sponsors, can also be found inside your cyber insurer’s eRiskHub® portal.

Study findings as well as the state of the cyber insurance market will be discussed further in two upcoming webinars from NetDiligence: Cyber Claims Study 2023 Report: A Review of Findings and Front Line Insights (November 2, 2023) and State of the Market Insights (November 16, 2023).

To download the full report and dive deeper into these findings, click here.

About NetDiligence

NetDiligence® specializes in Cyber Risk Readiness & Response services. With over 20 years of experience in cyber, NetDiligence is an award-winning provider of innovative cyber risk management software and services to the insurance industry, including QuietAudit® Cyber Risk Assessments, the eRiskHub® cyber risk management portal, their authorized Breach Coach® program, and Breach Plan Connect®, a securely hosted solution designed to help senior managers plan and execute their organization’s response to a cyber incident, and which also includes a free mobile app for convenient access and alternative means of communication if company systems are compromised. NetDiligence publishes an annual Cyber Claims Study and traditionally hosts their Cyber Risk Summit conferences in Philadelphia, California, Toronto, Florida, London, and Bermuda. For more information, visit


RSM’s purpose is to deliver the power of being understood to our clients, colleagues and communities through world-class audit, tax and consulting services focused on middle market businesses. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business environment. RSM US LLP is the U.S. member of RSM International, a global network of independent audit, tax and consulting firms with 57,000 people across 120 countries. For more information, visit

About Experian

When every minute counts, count on Experian Data Breach Resolution for the partnership, solutions, and performance to create the best possible outcome. With 20+ years’ experience, we’ve managed some of the largest and highest-profile breaches in history. Our turnkey offerings include Experian Reserved Response™, data breach response, crisis response management, and identity protection. Discover more at

About Bitsight

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss. Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis. To learn more, visit

About Constangy, Brooks, Smith & Prophete, LLP

For over 75 years, Constangy has provided workplace advice to employers. In 2023, it began providing data privacy and security services. Throughout its history Constangy has also been a diverse firm. It embraces the ABA “Resolution 113” goals to advance diversity, equity, and inclusion in the legal profession and has been recognized as one of the top law firms for diversity in each of the past seven years. To learn more, visit

Source: NetDiligence

Tags: ,