Cyber Claims in the UK See Second-Highest Spike on Record
The UK cyber insurance market faced intense pressure in 2024. Marsh’s new cyber insurance report states that claims volumes hit the second-highest level ever. Although 2024 claims were 20% lower than 2023, they remained one-third higher than in 2020–2022. Ransomware attacks, supply chain breaches, and AI-powered intrusions fueled much of the activity. Q3 claims jumped 14% over the same period in 2023, mainly linked to the CrowdStrike software outage.
Despite increased claims, actual financial losses stayed lower than feared, thanks to improved cyber resilience and insurer-imposed security requirements.

Ransomware: Still a Dominant Threat
Ransomware continued to dominate the UK cyber insurance landscape. Claims related to extortion made up 28.3% of total losses. Opportunistic threat actors conducted “smash-and-grab” attacks, prioritizing quick data exfiltration.
Interestingly, while the number of ransomware claims fell by 31% from 2023, ransom demands grew larger. At the same time, payment rates dropped as organizations relied more on strong backups and incident response capabilities.
Alarmingly, Marsh reported cases where executives received physical threats after breaches, highlighting a chilling escalation in tactics. (This cross-over from digital security to real-world security is the topic of our latest podcast.)
Retailers, Manufacturers, and Financial Sectors Hit Hardest
Cyberattacks increasingly targeted sectors vital to the economy. Retailers suffered increased attacks during peak seasons like Black Friday and Christmas. These periods see heightened cybercrime that exploits the fact that people are distracted by the holidays and tend to be away from the office; as the saying goes, “When the cats are away, the mice will play.”
Manufacturing firms faced risks from the integration of IT and OT systems. Financial institutions remained frequent targets but showed resilience, suggesting effective cybersecurity controls. Overall, no industry escaped unscathed, emphasizing the need for vigilance across the board.
CrowdStrike Outage Highlights Supply Chain Vulnerabilities
The July 2024 CrowdStrike software incident served as a major wake-up call. Many companies experienced significant system failures, yet insurance covered much of the business interruption.
The incident exposed supply chain weaknesses and prompted a rethink of resilience planning. Insurers are now focusing more on clients’ vendor risk management and contingency strategies.
Technology Disruptions Require Smarter Claims Handling
Preparing for cyber claims is now critical. Marsh advises companies to set up dedicated ledger codes and project tracking for incidents. This improves claims filing for business interruption losses.
Waiting periods still apply before insurance payouts start. Proper preparation, including keeping organized records and understanding policy nuances, can ease financial recovery.
AI Deepens Cyber Risk Complexity
Artificial intelligence played a bigger role in cyberattacks last year. Threat actors leveraged AI to create convincing phishing emails and deepfake voices. These methods fooled employees more easily, leading to increased business email compromise (BEC) claims.
The World Economic Forum’s Cybersecurity Outlook 2025 warns that AI’s malicious use will intensify in the year ahead. Companies must adapt or risk higher exposure.
New Regulations Tighten the Compliance Net
UK firms face a wave of incoming regulations. DORA and NIS 2 impose stricter operational resilience and cybersecurity reporting standards on businesses operating in Europe.
Meanwhile, the UK Government’s Cyber Security and Resilience Bill and proposed ransomware payment restrictions could reshape the cyber landscape domestically.
Firms failing to adopt basics like multi-factor authentication (MFA) risk heavier penalties under updated Information Commissioner’s Office (ICO) enforcement.
Organizational Resilience Must Become a Top Priority
Marsh stresses the importance of rigorous incident response plans (IRPs). Effective IRPs must be tested through tabletop exercises and include contacts for insurers and legal counsel.
Companies must also map supply chains and identify backup vendors, and smaller firms should bolster resources to respond quickly to tech outages.
Looking Ahead: UK Cyber Threats Set to Rise
Marsh predicts cyber claims will keep rising, albeit with volatility driven by systemic incidents. Continued reliance on interconnected systems and escalating AI threats will fuel more attacks.
Organizations must invest in cyber resilience, insurance, and employee training to face this fast-changing threat environment.