- Ransomware remains the leading driver of cyber insurance claims, with attackers increasingly targeting smaller firms and double extortion tactics on the rise.
- Retail, manufacturing, and professional services sectors face the highest exposure, driven by large data volumes, extensive networks, and business interruption risks.
- Non-attack incidents and growing digital supply chain dependencies are broadening the potential scope of losses, highlighting the need for robust cyber resilience.
- Cyber insurance policyholders show significantly greater resilience than uninsured organizations, emphasizing the importance of coverage for breach response, business interruption, and regulatory penalties.
The cyber risk and insurance landscape in 2025 continues to evolve, presenting both challenges and opportunities for companies of all sizes. While large insured firms have strengthened their cyber security measures and response capabilities—helping to reduce the impact of major cyber incidents—digital supply chain dependencies, expanding privacy regulations, and sophisticated social engineering attacks are widening the potential exposure for businesses. Overall, the total number of cyber claims is expected to remain stable through the year, as published by Allianz Commercial.
Ransomware Remains the Leading Cyber Threat
Ransomware continues to be the primary driver of cyber insurance claims, accounting for roughly 60% of the value of large claims in the first half of 2025. High-profile incidents across industries highlight persistent threats, although enhanced international law enforcement coordination and stronger cyber security measures at large companies are showing positive effects. Attackers are increasingly targeting smaller firms, which typically have lower resilience, as well as businesses in regions such as Asia and Latin America. According to Verizon, ransomware was involved in 88% of data breaches at small and medium-sized firms, compared with 39% at larger organizations.
The nature of ransomware attacks has also evolved. While early attacks focused primarily on extortion, recent incidents increasingly involve double extortion, including data theft. In the first half of 2025, 40% of the value of large claims included data exfiltration, up from 25% across all of 2024. Losses involving stolen data were more than twice as costly as those without, reflecting the rising financial stakes.
The average global cost of a data breach reached nearly US$5 million in 2024, influenced by stricter data privacy regulations and increasing cyber sophistication. The retail sector has emerged as particularly vulnerable, ranking among the top three industries affected by large cyber claims. Retailers account for 9% of claim value, following manufacturing (33%) and professional services (18%). Factors such as high revenues, large volumes of personal data, extensive staff and supplier networks, and complex IT systems make retail firms attractive targets and increase their exposure to business interruption losses.
Expanding Risk Landscape and Cyber Insurance Resilience
Beyond direct attacks, companies are facing a broader range of risks. Non-attack incidents—such as improper data collection or processing, and technical failures—made up a record 28% of large claims by value in 2024. Growing dependence on digital supply chains, tightening privacy regulations, and increasingly sophisticated social engineering attacks also expand the potential scope of losses, requiring companies to maintain robust cyber resilience strategies.
A clear divide is emerging between insured and uninsured organizations. In Germany, cyber insurance policyholders experienced a 70% increase in loss impact over four years, compared with a 250% increase in the overall economic cost of cyber crime. This resilience gap, exceeding 3:1, reflects the effectiveness of insurer-provided risk prevention, incident response services, and requirements tied to obtaining coverage. Minimizing business interruption, which represents over half of claim values, remains a critical objective, as continuity planning can significantly reduce financial losses for both companies and insurers.
“The global cyber insurance market is expected to more than double to nearly US$30 billion by the end of the decade, yet penetration remains relatively low. Cyber insurance plays a key role in building resilience amid rapid technological and regulatory changes, covering breach response, business interruption, and regulatory fines and penalties,” notes Jarrod Schlesinger, Global Head of Financial Lines and Cyber at Allianz Commercial.
Did you subscribe to our Daily newsletter?
It’s Free! Click here to Subscribe!
Source: Allianz Commercial
