Insurance Business Magazine reports:
The cyber insurance sector in 2025 is witnessing a shift in risk dynamics as large organisations strengthen their defences against cyber threats.
Allianz Commercial’s recent Cyber Security Resilience Outlook indicates that enhanced cyber security measures and incident response protocols have helped major insured companies reduce the impact of significant cyber losses this year.
However, the expansion of digital supply chains, increasing regulatory requirements, and evolving social engineering tactics continue to introduce new vulnerabilities for businesses.
Read more at Insurance Business Magazine.
The impression you get may depend on what report you read. HIPAA Journal reports insurance claims may be decreasing, but ransomware losses are increasing:
There’s good and bad news on the ransomware front. Attacks are down year-over-year; however, successful attacks are proving even costlier to mitigate, according to the Mid-Year Risk Report from the cyber risk management company Resilience. The company saw a 53% reduction in cyber insurance claims in the first half of the year, which indicates organizations are getting better at preventing attacks; however, when ransomware attacks succeed, they have been causing increased financial harm, with losses 17% year-over-year. While ransomware accounted for just 9.6% of claims in H1, 2025, ransomware attacks accounted for 91% of incurred losses.
On average, a successful ransomware attack causes $1.18 million in damages, up from $1.01 million in 2024, and the cost is even higher in healthcare. Resilience’s healthcare clients suffered average losses of $1.3 million in 2024, and in the first half of 2025, some healthcare providers faced extortion demands as high as $4 million. While it is too early to tell what the severity of claims will be in 2025 until claims are settled, Resilience said there are indications that the average severity of incurred losses for healthcare ransomware attacks this year could be $2 million, up from an average of $705,000 in 2024 and $1.6 million in 2023.
Read more at HIPAA Journal.
