‘The sharp rise in cyber insurance claims highlights how pervasive and sophisticated cyber attacks have become – and this trend is only set to accelerate,’ says head of cyber security
Insurers paid out £197m in cyber claims to UK businesses in 2024, according to new data from the ABI.
That figure represents a 230% year-on-year increase on the £59m paid out in 2023, driven both by an increase in claims and a 17% growth in policies between 2023 and 2024.
Malware and ransomware attacks accounted for over half of all claims, up 32% on the previous year. The ABI highlighted how “increasingly sophisticated digital threats are causing more extensive damage, leading to higher payouts”.
The association has also called for cyber insurance to “become a part of every organisation’s modern risk management strategy”, given the role it can play in both preventing and remedying cyber incidents.
Jonathan Fong, head of general insurance policy at the ABI, explained that beyond acting as a financial safety net, cyber insurance “can also help prevent attacks through access to expert advice, threat monitoring and incident response planning”.
Pervasive attacks
Reacting to the ABI’s report, Anton Yunussov, director and head of cyber security at Forvis Mazars, said: “The sharp rise in cyber insurance claims highlights how pervasive and sophisticated cyber attacks have become – and this trend is only set to accelerate.
Read: Digital assets broker launches crypto cyber security framework
Read: Superscript launches new initiative to aid crypto miners access property insurance
Explore more cyber-related content here, or discover other news stories here
“The data reflects what we are seeing on the ground – ransomware, phishing and supply chain attacks are becoming more targeted, often fuelled by AI-generated campaigns that are far harder to detect. Cybersecurity can no longer be viewed as a technology or compliance issue – it’s a strategic business risk that affects every part of an organisation.”
He continued: “The fact that insurers are paying out record sums underlines how costly these incidents have become – not only in financial terms, but in reputational damage and operational disruption.
“British companies must take a proactive approach – regularly assess risks, strengthen third-party oversight and embed a security-first culture through training and accountability.
“Cyber attacks are now an ongoing and inevitable threat to UK businesses. Those that treat cybersecurity as a core strategic priority by investing in prevention, response and recover, will be far better positioned to withstand the next wave of attacks.”
He graduated in 2017 from the University of Manchester with a degree in Geology. He spent the first part of his career working in consulting and tech, spending time at Citibank as a data analyst, before working as an analytics engineer with clients in the retail, technology, manufacturing and financial services sectors.View full Profile
No comments yet