The cyber risk and insurance landscape in 2025 reveals a complex and evolving threat environment. Large insured companies are becoming increasingly resilient against cyberattacks with strengthening of cyber security and preparedness and response capabilities helping to mitigate the impact of some of the large cyber losses in 2025 to date. However, the reliance on digital supply chains, impact of expanding privacy regulation, and more sophisticated social engineering attacks targeting employees are also broadening the scope of potential losses for all companies, according to the latest Cyber Security Resilience Outlook from Allianz Commercial.
“Several ransomware events have hit the headlines this year, but overall, we see that insured losses from these attacks have decreased in 2025 to date. Insureds’ increased detection and response capabilities are helping to stop some attacks at an early stage. Every step an attacker progresses, and every minute that they are in the system, the impact goes up exponentially. The cost of a ransomware attack that progresses to data theft and encryption can be 1,000 times higher than an incident that is detected and contained early,” says Michael Daum, global head of cyber claims at Allianz Commercial.
Key takeaways:
· During the first half of 2025, analysis shows the overall frequency of notifications was in line with activity a year earlier with around 300 claims. Despite the increasing sophistication and volume of attacks companies face, claim severity has declined by more than 50%, while the frequency of large loss claims is down by around 30%, driven by larger companies’ cumulative investments in cyber security, detection and response.
· Ransomware attacks remain the top driver of cyber incidents while the focus of attackers is also shifting to smaller or mid-sized companies which are less resilient against cyber-attacks and data breaches. Overall, the total number of cyber claims in 2025 is expected to remain stable (around 700), with a seasonal uptick in activity expected around Black Friday at the end of November to year-end.
· Ransomware attacks accounted for around 60% of the value of large claims during the first half of 2025. Attackers are also shifting focus to smaller firms, which are typically less resilient than multinationals, as well as firms in other territories, such as in Asia or Latin America. Ransomware was involved in 88% of data breaches at small and medium firms compared to 39% at large firms, according to Verizon.
· Recent years have seen a shift from purely extortion-based ransomware attacks to double extortion including data exfiltration – 40% of the value of large cyber claims during the first half of 2025 included data theft, up from 25% in all of 2024. Losses involving data exfiltration were more than double the value of those without. The average global data breach cost hit a record high at almost $5 million in 2024, driven by factors such as the impact of stricter data privacy regulation.
· The retail sector has been particularly vulnerable to cyber incidents, entering the Top 3 of most impacted industries, accounting for 9% of claims by value after manufacturing (33%) and professional services firms (18%).
· In Germany, insurance industry figures show that the loss impact of cyber insureds increased by around 70% over four years, compared with a 250% increase in the economic impact of cybercrime. This resilience gap of more than 3:1 reflects cyber insurance policyholders’ heightened awareness of risk and their actions to mitigate it, many of which are a condition of obtaining insurance. It also reflects the effectiveness of risk prevention services and incident response assistance provided by insurers. Minimizing business interruption, which accounts for over 50% of cyber claim values, remains a key objective, as business continuity planning will significantly reduce costs for companies and insurers.
“The global cyber insurance market is predicted to more than double to close to US$30bn by the end of the decade, yet penetration remains relatively low. We need to underline that cyber insurance plays an important role in helping build resilience at a time of rapid technological and regulatory change. Many companies remain unaware of the breadth of coverage offered, which can include costs associated with breach response, business interruption, and regulatory fines and penalties,” says Jarrod Schlesinger, global head of financial lines and cyber at Allianz Commercial.
