Estimated reading time: 5 minutes
Compared to the same period last year, cyber claim severity dropped by more than 50% in early 2025, according to Allianz Commercial’s new Cyber Security Resilience 2025 report. The findings highlight stronger defenses among insured firms, but also reveal expanding risks from data theft, supply chain disruption, and privacy litigation.
Claims Decline in Severity, but Threats Broaden
The frequency of cyber insurance claims in the first half of 2025 remained steady at about 300 notifications, matching last year’s activity. But Allianz found that “claims severity has declined by more than 50%” and that “the frequency of large loss claims (>€1mn) is down around 30%”.
Michael Daum, Global Head of Cyber Claims at Allianz, credited the shift to stronger resilience, saying, “Insureds’ cumulative investments in cyber security, detection and response are helping to stop attacks at an early stage.”
Ransomware Evolves, Targets Mid-Sized Firms
Ransomware remains the primary driver of cyber claims, accounting for 60% of the total large claim value in 2025.
But attackers are moving downmarket. “The bar for a successful attack against a well-protected large corporate is now much higher,” Daum said. “So they are moving down the chain where companies are less well protected.”
Recent attacks on retailers and regional firms underscore this trend.
Data Exfiltration Surpasses Encryption
The report shows a dramatic increase in data theft. Allianz found that “40% of large cyber claims… during 1H 2025 included data theft, up from 25% in 2024”.
Losses involving exfiltrated data were more than twice as costly as those without. “It is much easier to steal data than to encrypt,” noted Caitlin Ewing, Complex Claims Analyst at Allianz.
The global average cost of a data breach hit $4.88 million in 2024.
Employees Remain the Weak Link
Around 60% of breaches in 2024 involved a human factor. Phishing, impersonation of IT staff, and stolen credentials all played key roles. Brokers now sell compromised access credentials, accelerating the pace of attacks.
“Social engineering is now a prominent driver of cyber claims,” Ewing warned. AI is making fake messages more realistic and harder to detect.
Industries Under Pressure
Manufacturers accounted for 33% of large cyber claims since 2020. Professional services followed at 18%, with retail at 9%.
Retailers like Marks & Spencer and Louis Vuitton have been frequent targets. Large customer databases, weaker defenses, and sprawling supply chains make them particularly attractive targets for ransomware gangs.
Get The Cyber Insurance News Upload Delivered
Subscribe to our newsletter!
Supply Chain Risks Rising Fast
Allianz identifies IT supply chain dependency as a major threat. “Contingent business interruption events accounted for 15% of large cyber claims… in 1H 2025, compared with 6% in 2024,” the report states.
Ewing warned: “If there is an event involving a business partner, it can have a significant impact on your business.” Events like the 2024 CDK Global ransomware attack, which disrupted thousands of car dealerships, demonstrate the scale of exposure.
Privacy Regulation Fuels Litigation
Claims tied to data handling are expanding. Allianz reports “wrongful collection and processing of data… accounted for a record 18% of large claims in 2024, triple the share of three years earlier”.
U.S. courts saw 1,500 privacy-related lawsuits in 2024 alone. AI, biometrics, and web-tracking technologies are expected to drive the next wave of litigation.
Preparedness Saves Millions
Companies that detect attacks early spend far less. Allianz found that “detection and response capabilities can reduce claim costs by a factor of 1,000”.
Daum emphasized this point: “We will never completely eliminate the risk, but there has never been a better time to invest.”
AI as Both Weapon and Shield
Attackers now utilize AI to automate ransomware, craft sophisticated phishing campaigns, and expedite data theft. But AI also boosts defenses. Organizations using AI-enabled detection saved an average of $2.2 million in breach claims costs.
“AI is creating an advantage for defenders currently,” Daum said. “But if you do not invest, it is an advantage for attackers.”
Insurance Market Expands
Cyber insurance remains vital. Allianz forecasts the global market will double to nearly $30 billion by 2030.
“There is a clear value in cyber insurance that goes beyond risk transfer,” said Tresa Stephens, Head of Cyber, North America, Allianz. “It extends to threat intelligence, loss prevention, mitigation and response.”
Conclusion: Progress with Persistent Danger
The Allianz report shows insured firms are limiting claim severity with better preparation and investment. However, cyber claims trends indicate that threats are proliferating across supply chains, legal systems, and human vulnerabilities.
For business leaders, resilience requires both insurance and constant vigilance.
Related Posts
