2018 Cyber Claims Study
The eighth edition of the NetDiligence® Cyber Claims Study offers insights for business innovation. In the same way that a business gains operational perspective by going through an audit, both the insurer and the insured can use the findings of this research to inform decision making and risk management.
By the Numbers
- 1,201 claims analyzed, arising from incidents occurring from 2013–2017
- 298 claims analyzed arising from incidents occurring in 2017
- Over 500 new claims collected in 2018, from incidents occurring from 2015–2017
- 85% of the claims were from smaller organizations (< $2 billion in revenues)
The data from these claims have been aggregated and analyzed from many angles, including number of records exposed, crisis services cost, total breach cost and per-record cost. In addition, the study includes more than twenty categorizations of the data, including analyses by type of data, sector, revenue size, and cause of loss; losses caused by business interruption; losses for incidents that exposed no records; losses caused by criminal and non-criminal activity; and losses caused by a third party.
AIG Cyber Claims:
GDPR and business email compromise drive greater frequencies
Business email compromise (BEC) has overtaken ransomware and data breach by hackers as the main driver of AIG EMEA cyber claims, according to the latest cyber claims statistics. Nearly a quarter of reported incidents in 2018 were due to business email compromise (BEC), up significantly from 11% in 2017. Ransomware, data breach by hackers and data breach due to employee negligence were the other main breach types in 2018.
BEC has entered the report this year under a new category given the high number of BEC-related claims received by AIG over the past 12 months.
In most cases the compromise can be traced back to a phishing email containing a link or attachment. If the recipient engages with the content of a phishing email, it may allow intrusion into the user’s inbox. The majority of users are familiar with the concept of phishing emails, but there remains a high number of incidents where the user follows a link that directs them to a bogus login screen. As soon as the victim enters their credentials, they are captured by the cyber-criminal, who then has the necessary information to log in to the victim’s email account.
The perpetrator is then able to send and receive emails from the victim’s email address and access all the information in the victim’s email inbox. In many cases the BEC is exacerbated by malware that spreads the scam to contacts in the recipient’s inbox. BEC is a relatively simple type of scam: attackers often target individuals responsible for sending payments, using spoof accounts to impersonate the company C-suite or a supplier and requesting money transfers, tax records and/or other sensitive data.
At a Glance
- Business Email Compromise (BEC) is now the top cause of loss for cyber claims followed by ransomware which is becoming increasingly targeted and disruptive, affecting business interruption costs. All cyber attack impacts are still greatly influenced by human error.
- Professional Services is now the sector hardest hit by cyber claims, followed by Financial Services. However, incidents continue to spread among a range of sectors, indicating that no industry is immune to cyberattack.
- The long term trend of increasing claims frequency continued in 2018 with around as many claims as the previous two years combined.
In March 2019, AIG carried out an analysis of more than 1,100 EMEA claims notified under its cyber policies between 2013 and December 2018. The results of this analysis show general insights into this area only. It should be noted that other industries and sectors not highlighted in this report may also experience frequent and severe claims. In 2018, the number of claims notified under AIG’s cyber policies was broadly commensurate with AIG’s premium growth for this product.
2016 Cyber Claims Study
The annual NetDiligence® Cyber Claims Study uses actual cyber liability insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective.
Our objective for this study is to help risk management professionals and insurance underwriters understand the true impact of data insecurity by consolidating claims data from multiple insurers so that the combined pool of claims is large enough that it allows us to ascertain real costs and project future trends.
While many leading cyber liability insurers participate in the study every year, there are many insurers that have not yet processed enough cyber claims to be able to participate. So our annual study remains a work in progress, while still producing some interesting results.
It is our sincerest hope that each year more and more insurers and brokers will participate in this study—that they share more claims and more information about each claim—until it truly represents the cyber liability insurance industry overall.
- The majority of claims submitted for this study are for smaller (Main Street) organizations and our findings best represent that group.
- Many insurers are leveraging legal counsel (Breach Coach®) early in the claims process to minimize mistakes on the part of the affected organization. This tends to prevent or minimize follow-on regulatory fines, legal defense and settlement costs.
- Insurers are putting in place ‘preferred vendor panels’ with pre-negotiated rates for Crisis Services costs, which we believe significantly reduces the cost of breach response for policyholders of those insurance carriers. We estimate data breach response costs for an uninsured organization could be up to 30% higher than costs for an insured organization.