Email compromise claims costs surge in latest NetDiligence study

The cost of business email compromise incidents more than doubled in 2023 compared to 2022 in NetDiligence’s latest cyber claims study.

The average cost of a business email compromise claim rose to $183,000 in 2023 from $84,000 in 2022, according to NetDiligence, which provides cyber risk management software and services to the insurance industry.

This company’s annual cyber claims report presents data from over 10,000 cyber insurance claims from incidents occurring from 2019 through 2023.

The report also underscores the varying impact of cyber risk across different sectors. Small and medium-sized enterprises (SMEs) in the professional services sector saw average incident costs surge to $307,000 from $199,000 in 2022.

On the other hand, healthcare SMEs saw their average incident costs decline very sharply over the last three years, from $583,000 in 2021 to $173,000 in 2023.

“Healthcare and manufacturing SMEs seem to be benefiting from a modest drop in incident costs,” said Mark Greisiger, president of NetDiligence. “However, the financial services sector is facing a sharp rise in incident costs, reminding us that cyber risks evolve differently across industries.”