Ransomware has emerged as the primary cause of costly cyber claims, particularly affecting small and mid-sized businesses in 2025. According to the latest findings from Allianz’s Cyber Security Resilience 2025 report, hardened defenses at large corporations have prompted attackers to target smaller firms. The report reveals that ransomware was involved in 88% of breaches at these smaller enterprises, compared to just 39% at larger companies.
In the first half of 2025, ransomware accounted for approximately 60% of claims exceeding €1 million. As cybercriminals adapt their strategies, they are increasingly focusing on data exfiltration rather than merely encrypting data. This shift makes breaches more complex and costly to resolve, emphasizing the high value of stolen data for attackers. Exfiltration often requires less effort than encryption and is more likely to result in ransom payments.
The average global cost of a data breach reached nearly $5 million last year, with privacy regulations and litigation risks compounding financial exposure for businesses. Attackers are exploiting employees as an entry point, utilizing tactics such as social engineering, phishing, and business email compromise. The rise of generative AI has made these schemes more sophisticated, enhancing their effectiveness.
An example of this trend is the group known as Scattered Spider, which has utilized fake help desk calls and credential abuse to launch ransomware attacks within as little as 24 hours following an account takeover. Retailers have emerged as the most targeted industry in early 2025, trailing only manufacturing and professional services in total cyber losses since 2020. Their extensive personal data and intricate supply chains make them particularly appealing targets for cybercriminals.
Trends in Cyber Claims and Business Interruptions
The Allianz report highlights supply chain disruptions as an increasing source of claims. Business interruptions due to supplier issues are becoming more frequent, and incidents related to cloud security are also rising. Even organizations with robust internal controls are vulnerable if a vendor experiences an outage or breach.
Furthermore, not all losses stem from hostile activities; technical failures and privacy missteps are contributing to a growing share of claims. For the first time, business interruption linked to IT outages entered Allianz’s dataset, partly due to a global service disruption that affected millions of systems.
Privacy litigation is also on the rise, with over 1,500 actions filed in the United States last year alone. Despite these escalating threats, Allianz’s analysis reveals positive trends among insured companies. Overall claims severity decreased by more than 50% in the first half of 2025, while the number of very large claims fell by about 30%.
The improved outcomes can largely be attributed to proactive measures taken by insured firms. Basic controls such as patching, segmentation, backups, and multi-factor authentication (MFA) have limited damage. Early detection and response capabilities can reduce losses significantly, sometimes by a factor of 1,000.
Future of Cyber Insurance and Regulatory Landscape
Business continuity planning and tabletop exercises are crucial for organizations to navigate cyber threats effectively. Business interruption still accounts for over half the value of cyber claims, and firms that engage in response scenario practices tend to fare better during attacks.
As the regulatory framework continues to evolve, new mandates like the Digital Operational Resilience Act and the NIS2 directive in Europe will require improved risk management and reporting in critical sectors. While these regulations may pose challenges for mid-sized companies lacking mature systems, they are expected to drive resilience improvements across the board.
The cyber insurance market is projected to expand significantly, with expectations of nearly doubling to $30 billion by 2030. Demand is particularly increasing among mid-sized companies and in regions with historically low insurance uptake. According to Jarrod Schlesinger, Global Head of Financial Lines and Cyber at Allianz Commercial, “The global cyber insurance market is predicted to more than double to close to $30 billion by the end of the decade, yet penetration remains relatively low.”
Schlesinger emphasizes the vital role of cyber insurance in enhancing resilience amid rapid technological and regulatory changes. Many companies remain unaware of the breadth of coverage available, which can include expenses related to breach response, business interruption, and regulatory fines.
As cyber threats continue to evolve, understanding and adapting to the changing landscape will be critical for businesses of all sizes.