Ransomware represented the number one cause of loss in a study of almost 6,000 cyber insurance claims, with the average ransom rising to $247,000 and the average incident cost up to $352,000 in 2020.

NetDiligence’s 11th annual cyber claims study evaluated 5,797 claims arising from incidents between 2016 and 2020. Across the five years of claims data, ransomware accounted for 32% of all incidents affecting small to medium enterprises (SMEs). Hacking incidents were a distant second at 10%, and business email compromise followed at 9%.

The study revealed that ransomware events accounted for 79% of claims with a business interruption (BI) expense, with an average BI cost of $446,000 in 2020 and an average BI cost of $316,000 over the five-year period. Ransomware events also caused 81% of claims involving recovery expense losses, according to the data.

Professional services firms were found to have the highest frequency loss over the last five years, followed by manufacturing, health care, technology, retail and financial services. The top five sectors account for 70% of claims and 74% of total incident costs. Professional services firms also contributed 32% ($229 million) of overall incident costs; this number is well above health care, which was 11%.

Claims costs range from less than $1,000 to over $120 million. Nearly all (99%) came from SMEs for a total of $537 million in losses, and the losses associated with the 1% of claims striking large businesses reached $727 million.

The averages include “some very expensive claims,” the authors of the report noted. For SMEs, six claims in the sample reached over $5 million, with one costing over $100 million. For larger companies, 10 claims featured costs between $15 million and $100 million. NetDiligence said it found no link between business size and the magnitude of a cyber loss, with the largest event affecting an SME.

“With ransomware again the number one cause of loss, we will be watching closely to see whether cyber policyholders, especially SMEs, deploy sufficient cybersecurity safeguards to reduce their ransomware exposure and qualify for ransomware coverage. If not, the challenge will be how we, as an industry, can help them get there,” said Mark Greisiger, NetDiligence president, in a statement.

E-COMP offers technology-driven cyber insurance alongside cyber risk reduction resources for businesses of all sizes, with premiums starting at $450.00 a year.

  • AM Best reports that the shutting down of systems for ransom (ransomware) now accounts for 75% of cyber claims in 2020.

Rob Sobers, a software engineer specializing in web security reported to Varonis:

  • 95% of cybersecurity breaches are caused by human error.
  • The average cost of a data breach is $3.86 million as of 2020.
  • And the average lifecycle of a breach was 280 days from identification to containment.
  • The cost of lost business averaged $1.52 million.

In under 3 minutes, get an instant cyber liability quote that includes risk reduction management and employee training, at no additional cost.

For more risk management and insurance guidance, contact us today.

Need Live Expertise? Call:  888-347-2648 or email us:  [email protected]
Copyright © 2024 Granite Insurance Brokers, Inc. | License #0C41366

Insurance services provided by Granite Insurance Brokers and its licensed agents and affiliates. The information contained within these materials are confidential and not to be distributed. Descriptions are general in nature only. Please refer to the terms and conditions of policies offered or purchased. Insurance products are subject to application and underwriting requirements. Pricing depends on a variety of factors including policyholder location. Not all discounts available in all states. Not all products available in all states. Use of and access to this information, site or any of the links contained within this site does not create a relationship between the user and Granite. © 2022 Granite Insurance Brokers, Inc. All Rights Reserved.