It might not come as a surprise to some, but a recent study conducted by the Association of British Insurers reveals an alarming trend in the UK: the number of cyber insurance claims has surged dramatically in 2024, tripling compared to previous years. This spike in claims highlights a growing sense of vulnerability among businesses and organizations that have fallen victim to cyber-attacks, leading them to turn to insurance to recover from the resulting financial losses.
The survey’s most notable finding is the sharp increase in claims related to malware attacks, particularly ransomware. These types of attacks alone accounted for a staggering 51% of the claims made, a sharp rise from just 31% in 2023. This trend underscores the escalating threat posed by cybercriminals using increasingly sophisticated methods to breach corporate defenses and extort money from victims.
What’s even more significant is that the uptick in cyber insurance claims occurred before the public learned about the cyber-attacks on major UK companies such as Marks & Spencer, Co-Op, Harrods, and Jaguar Land Rover. These high-profile incidents, in which companies lost millions of pounds, further exposed a worrying trend: many of these companies were not covered by insurance policies, leaving them to shoulder the financial burden of the attacks.
This revelation suggests that in the wake of these breaches, companies across the UK — and possibly Europe as a whole — may have rushed to take out cyber insurance policies, fearing that their own businesses could be the next target. Cyber insurance is increasingly seen not as a luxury, but as a necessity to safeguard against the growing threat of cybercrime.
The British Insurance Brokers’ Association (BIBA) has confirmed that the frequency of cyber insurance claims has been rising steadily between March 2022 and September 2025, further cementing the increasing role of cyber insurance in business risk management. With cyber-attacks becoming more frequent and damaging, it’s clear that businesses are now recognizing the importance of having a safety net in place.
A key reason for the increase in cyber threats is the availability of sensitive data on the dark web, where cybercriminals can easily purchase or obtain credentials such as passwords and other personal information. With this data in hand, hackers can carry out increasingly sophisticated and targeted attacks.
On top of this, the rise of artificial intelligence (AI) — now widely available through open-source platforms — has made it easier for cybercriminals to develop tools and tactics that are harder to detect and defend against. In other words, the tools of the cybercriminals have become more advanced, while the businesses they target are often struggling to keep up.
According to Paul Bantick, Chief Underwriting Officer at Beazley, a subsidiary of the FTSE 100 insurance giant, the nature of cybercrime has evolved. “Today, cybercriminals are not just targeting businesses for financial gain,” Bantick explains. “They are also targeting countries and nations, exploiting geopolitical tensions and vulnerabilities for strategic, political, or economic advantage.”
This shift means that cyber-attacks have now moved beyond the realm of financial crime and are increasingly becoming tools of political warfare.
In conclusion, the surge in cyber insurance claims is a reflection of the growing recognition of the risks posed by the digital age. As cyber threats continue to evolve, businesses are realizing that investing in cyber insurance is no longer optional, but an essential part of their risk management strategy.
However, as we’ve seen from the experiences of companies like Marks & Spencer and Harrods, simply having an insurance policy isn’t enough. Companies must also ensure that their coverage is comprehensive and that they are taking the necessary steps to prevent cyber-attacks in the first place.
Join our LinkedIn group Information Security Community!
