Coalition’s newly released 2025 Cyber Claims Report outlines key cyber trends that shaped the digital threat landscape and influenced insurance outcomes for its policyholders across 2024. The report reveals that business email compromise (BEC) and funds transfer fraud (FTF) dominated claims, accounting for 60% of all incidents.
Coalition notes its proactive “Active Insurance” model played a central role in mitigating damage. The company combined real-time risk assessments, incident response, and data intelligence to help policyholders respond swiftly to cyber incidents.
In 2024, more than half (56%) of all cyber incidents reported to Coalition were resolved with no out-of-pocket expense for the insured business.
Business Email Compromise: Steady Frequency, Rising Cost
BEC maintained its foothold as a top cyber threat in 2024. While the frequency of insurance claims held steady, the cost per event rose 23% year-over-year. The average financial impact of a BEC incident reached $35,000, driven by legal and technical response costs.
A striking 29% of BEC attacks evolved into FTF events, highlighting how email access can be a gateway to more damaging fraud.
Funds Transfer Fraud Losses Decline Sharply
FTF, often launched through phishing or social engineering, saw a 46% drop in average severity, falling to $185,000 per event. Despite the decline, the financial toll remains serious.
Coalition recovered $31 million for clients through swift reporting and legal intervention, with an average clawback of $278,000. Clients reporting within 72 hours saw a notably higher recovery success rate.
Ransomware Still Costly Despite Decline
Ransomware activity showed signs of stabilization but remains a digital threat. Insurance claims frequency dropped by 3%, and severity decreased by 7% to $292,000 on average.
However, ransom demands were still steep. Akira ransomware emerged as the most common variant, while Black Basta averaged the highest demands at $4 million.
In nearly half of ransomware cases, policyholders opted to pay. Coalition Incident Response negotiated demands down by 60%, on average.
Industry Breakdown Highlights High-Risk Sectors
Several industries stood out for their cyber claim rates and severity:
- Healthcare: Insurance claims severity surged 32% to $145,000.
- Consumer Staples: Saw the highest claim frequency at 2.60%.
- Energy: Experienced the largest severity jump, over 1,200%, reaching $292,000.
Small and midsize businesses under $25M in revenue comprised 64% of total insurance claims, underscoring the disproportionate impact on resource-limited organizations like SMBs.
New Threat Categories Introduced
Coalition added two new event types in its 2025 report: miscellaneous first-party losses and third-party allegations. Third-party breaches, where a vendor or partner suffers a compromise, accounted for more than half of miscellaneous losses. Notable 2024 incidents included the Change Healthcare and CDK Global ransomware attacks.
Real-Time Alerts
In 2024, the company issued 85,000+ security alerts, helping resolve more than 32,000 vulnerabilities before attackers could exploit them.
Still, 614 businesses that declined to address flagged issues or declined Coalition coverage experienced significant cyber losses totaling an estimated $307 million.
