The cyber insurance market in 2025 is showing two conflicting trends. Large corporates are tougher, with better-prepared systems that cut into the cost of major attacks.
Yet, the threat environment is still expanding, with attackers shifting tactics and targeting smaller firms that lack the same resilience.
That’s the takeaway from Allianz Commercial’s latest Cyber Security Resilience Outlook.
Through the first half of this year, Allianz counted about 300 cyber claims, roughly level with last year’s pace. The difference lies in severity.
Claim size has dropped more than 50%, and large-loss claims are down 30%. The shift reflects years of investment in cyber detection and incident response at global firms.
But the analysts warn that doesn’t mean the danger is fading. Supply chain reliance, tighter privacy laws, and more convincing social engineering are widening the scope of risk.
Ransomware continues to dominate the loss landscape. It accounted for 60% of large claim values in early 2025.
While law enforcement coordination and stronger corporate security have slowed some attackers, the focus has moved toward mid-sized businesses and firms in Asia and Latin America.
At SMEs, ransomware was involved in 88% of breaches, compared with 39% at large enterprises, according to Verizon.
The tactics are also shifting. Where once attackers relied on straight extortion, many now use double extortion, combining encryption with data theft.
In the first half of 2025, 40% of large claims involved data exfiltration, up from 25% in 2024. Those claims were more than twice as costly as encryption-only incidents.
With the average global breach cost hitting nearly $5 mn in 2024, tougher privacy regulation is pushing exposures higher.
Sector trends tell their own story. Manufacturing leads with 33% of large-claim value, followed by professional services at 18%.
Retail has now entered the top three at 9%, fueled by its dependence on personal data, sprawling supplier networks, and complex IT systems that attackers exploit for leverage.
Not every major claim involves a malicious actor. Non-attack events, including data mishandling and tech failures, made up a record 28% of large claim value in 2024.
Expanding digital supply chains and surging social engineering scams add to the mix of risks that companies and insurers face.
The resilience gap between insured and uninsured firms is also widening. In Germany, insured losses climbed 70% in four years, while the economic toll of cyber crime shot up 250%.
That gap of more than 3:1 reflects the effect of policyholder risk requirements, prevention services, and incident response support. Business interruption still makes up more than half of claim costs, and continuity planning remains central to reducing loss severity.
Looking forward, Allianz expects total cyber claims for 2025 to stay near 700, with the usual spike around Black Friday and year-end.
Michael Daum, Global Head of Cyber Claims, stressed the importance of detection speed.
The cost of a ransomware attack that progresses to data theft and encryption can be 1,000 times higher than an incident contained early
Michael Daum, Global Head of Cyber Claims
The market itself is set for strong growth. “The global cyber insurance market is predicted to more than double to close to $30 bn by the end of the decade,” said Jarrod Schlesinger, Allianz Commercial’s Global Head of Financial Lines and Cyber.
“Coverage extends beyond breach response to business interruption and regulatory penalties, but many companies still underestimate how much protection cyber policies can deliver.”
