A recent study of 145 data breach claims in 2013 conducted by NetDiligence, a Philadelphia-based cyber risk assessment services company, found that insurance companies paid out $84 million in data-breach- and security-incident-related costs. Mark Greisiger, president of NetDiligence, told CRN that the company works with cyberinsurance companies and hopes its annual study can be used to illuminate the real costs of incidents from an insurer’s perspective.
The claims were paid out for legal defense, legal settlements, regulatory fines, forensics costs, credit monitoring and identity theft remediation costs, the study revealed. The bulk of the payouts paid for crisis services, which include forensics, notification, credit monitoring and legal counsel. The smallest payout for crisis services was $2,560, while the largest payout was $11.5 million. The average payout was $737,473.
CRN brought together some of the interesting findings from the report that shed insight into the struggle businesses go through when dealing with data breaches.