Cyber security resilience 2025 – Claims and risk          management trends

The cyber risk and insurance landscape in 2025 reveals a complex and evolving threat environment. Large insured companies are becoming increasingly resilient against attacks with strengthening of cyber security and preparedness and response capabilities helping to mitigate the impact of some of the large cyber losses in 2025 to date. However, the reliance on digital supply chains, impact of expanding privacy regulation, and more sophisticated social engineering attacks targeting employees are broadening the scope of potential losses for all companies, according to Allianz Commercial’s latest cyber risk report.

Recent cyber-attacks display common tactics, including using sophisticated social engineering and compromised credentials to access networks, such as impersonating an employee locked out of an IT system. Many attacks also leverage suppliers or IT supply chains to access sensitive information. Approximately 60% of breaches in 2024 involved a human element. Attackers increasingly use compromised access credentials obtained via phishing or sold on the dark net, with a surge in specialist “brokers” operating in this space.

Retailers top the list of industries attacked during the first half of 2025 and are the third most impacted sector by cyber incidents, behind manufacturing and professional services, according to analysis of Allianz Commercial large cyber claims (>€1mn) since 2020. Companies in the manufacturing sector accounted for 33% of these claims by value, professional services/consulting firms (18%), and retail companies (9%). 

Recent cyber-attacks have demonstrated the value of effective cyber hygiene, early detection, and incident response capabilities and their roles in reducing potential claim costs. Analysis shows in over 80% of large claims, insureds’ decisions significantly influenced loss size. Detection and response capabilities can reduce claim costs by a factor of 1,000.

The cyber-resilience gap between uninsured and insured organizations is widening. For example, in Germany, insurance industry figures show that the loss impact of cyber insureds increased by around 70% over four years, well below the 250% increase in the economic impact of cyber crime during the same period.

This resilience gap reflects cyber insurance policyholders’ heightened awareness of risk and their actions to mitigate it, many of which are a condition of obtaining insurance. It also reflects the effectiveness of risk prevention services and advice and incident response assistance provided by insurers. Business interruption losses, which account for over 50% of cyber claim values, are closely correlated to early detection and containment and incident response, and business continuity planning will significantly reduce costs. 

While cyber insureds have made significant strides in mitigating large cyber losses through improved security and preparedness, the evolving threat landscape and regulatory pressure requires ongoing vigilance and investment. Cyber insurance remains a crucial component in managing these risks, providing both financial protection and access to expertise that enhances overall cyber resilience. The global cyber insurance market is expected to more than double to nearly US$30bn by the end of the decade, driven by increasing digitalization and growing awareness. Despite relatively low penetration, demand is rising, especially among mid-sized firms and regions with a historically low uptake.