Companies worldwide are filing for $115,000 or more in losses per cyber insurance claim, according to the latest Coalition Cyber Claims Report. Considering that’s only the payout amount, total losses likely amount to much more.
The cyber insurance industry grew by an incredible rate of 32% annually between 2017 and 2022, underscoring a growing understanding that cyberattacks could vastly impact the bottom line. Even with rates leveling off in the past few years, projections of 20% CAGR continue to be thrown around.
With so much participation in the global cyber insurance market, the amount of data that goes into the cyber insurance claims process yields an incredible amount of insights into the types of attacks impacting businesses the most, how much they cost, and what proactive cybersecurity can do to prevent your company from being the next statistic.
Email-Based Attacks Lead with 60%
Per the research, email-based attacks were the primary cause of cyber insurance claims over the past year. Business Email Compromise (BEC) and Funds Transfer Fraud (FT) led the way with 60% of the total, followed by Ransomware at roughly 20%.
Business email compromise evades traditional email defenses, making it difficult to catch because it runs without malware signatures and relies completely on social engineering—something that AI is making ever-more feasible.
Miscellaneous First-Party Losses, a new category encapsulating everything from system failures to supply chain attacks, accounted for an additional 10%, with Third-Party Allegations—copyright infringement, privacy infringement, domain impersonation—and Other picking up the remainder.
52% of First-Party Losses Due to Third-Party Breach
When diving deeper into First-Party Losses, the data revealed that 52% were attributed to a third-party breach.
It’s interesting to note that cyber insurers attribute third-party attacks to first-party losses as a matter of course. Increasingly, data compliance legislation leans the same way, emphasizing the need for organizations to completely own their third-party risk and tie it into their corporate risk management approach.
According to the Coalition cyber report, the average severity of a third-party claim in 2024 was $42,000.
SMBs Accounted for 64% of All Cyber Claims
Organizations with less than $25 million in annual revenue accounted for 64% of all claims in 2024, despite making the fewest repeat cyber insurance claims. This could be because nearly one in five small and medium-sized businesses are unlikely to survive a successful cyberattack. While the average severity dropped by 8% for this subset, the total per claim still exceeded $84,000.
On the other side of the revenue spectrum, businesses with over $100 million in annual revenue might have had fewer overall attacks as a group, but individual companies were hit more often than their SMB counterparts. Additionally, the severity of these attacks increased. For these largest of all enterprises, the average cost per insurance claim went up by a substantial 21% in this past year alone.
Hardest Hit Sectors
While all insured sectors were affected by costly cyber incidents, some were affected more—or less—than others. Here is the data on a key few.
Consumer Staples (food and beverage, hygiene, agriculture) filed 17% more cyber insurance claims than last year.
Financial Services filed 17% less.
Healthcare claims frequency dropped by 19%, but the severity of the claims spiked by 32%, bringing the average loss per claim to $145,000.
Notably, Real Estate—despite a 24% drop in frequency—experienced a dramatic 58% increase in cost per claim, the most pronounced in any sector studied. This brings their total loss per incident up to $179,000 overall.
The Best Cyber Insurance Angle? Never Having to Use It
Coalition notes that 614 organizations were hit in 2024 after failing to address issues they were warned about ahead of time. These organizations suffered an estimated $307 million in collective losses, and each of them were hit by ransomware.
Proactive cybersecurity solutions not only reduce the severity of incidents, but when combined properly, can negate them altogether. There are certain “must-have” solutions needed for cyber insurance eligibility (MFA, encryption, SAT), and more to avoid ever having to use it. Fortra security solutions provide organizations with a proactive cybersecurity stance that helps them avoid cyberattacks in the first place.
Vulnerability management (VM): A good VM program cuts attackers off at the first phase of the attack chain (Reconnaissance) by patching and remediating vulnerabilities that could otherwise be found and exploited.
Integrated cloud email security (ICES): BEC, FTF, and phishing attacks circumvent even advanced email solutions like Secure Email Gateways (SEGs). Fortra Cloud Email Protection, an ICES solution, catches malicious patterns, AI-crafted verbiage, and other red flags indicative of these social engineering scams.
AI-based threat detection: As the Coalition cyber report concludes, “The companies that embrace continuous cybersecurity improvements…and early threat detection will be best positioned to withstand future attacks.” Fortra Extended Detection and Response (XDR) positions companies to see and block threats across their entire ecosystem and in every layer of their environment—endpoint, network, identity, and cloud.
Finally, nothing ensures risk reduction like zero trust. Building your entire foundation on zero-trust principles means data loss prevention (DLP) comes standard, and sensitive pieces of information are protected wherever they go. Fortra offers a comprehensive DLP suite featuring data classification, cloud data protection, network DLP, endpoint DLP, and more to secure assets regardless of the digital environment.
The ultimate goal of cyber insurance is to not have to use it. Partnering with a company that can help you proactively break the attack chain at its earliest stages can prevent cyberattacks before they become cyber claims.
Want more proactive security tools?
Discover Fortra’s suite of offensive security solutions.