In 2024, UK insurers paid out a record £197 million (about $259 million) in cyber insurance claims, more than triple the amount from the previous year. The Association of British Insurers (ABI) revealed this dramatic 230% increase underscores the growing threat cyberattacks pose to businesses across the country.
Malware and ransomware continue to be the biggest culprits, making up over half of all claims this year, a sharp rise from 32% in 2023. This shift highlights how cyber criminals are becoming more skilled and damaging, pushing insurance costs higher.
As threats multiply, more UK companies are turning to cyber insurance for protection. The number of policies sold climbed 17% this year, showing a clear demand for coverage against growing digital risks. ABI’s Jonathan Fong said that cyber insurance isn’t just about money. It also offers expert advice and helps businesses respond and prepare better for attacks.
Experts warn the problem isn’t going away. Anton Yunussov from Forvis Mazars pointed to increasingly targeted attacks fueled by AI tools that make scams harder to spot. He emphasized that cybersecurity isn’t just an IT issue anymore; it’s a business problem that affects everything a company does. According to Yunussov, businesses should focus more on prevention and recovery as attacks become a constant danger.
Warren O’Driscoll from NTT DATA UK&I described the rise in claims as the result of several factors coming together. These include rising global tensions, the rise of ransomware services as a business, and smarter AI-powered scams. He also highlighted risks from complicated supply chains and outsourcing, which can make it hard to know who has access to important data.
O’Driscoll pointed out that cloud computing, while helpful, adds new challenges because companies lose some control over their data. When breaches happen overseas, it becomes harder for UK authorities to help fix the damage.
Instead of hiking insurance premiums, O’Driscoll suggests better rules and support to help businesses improve their cybersecurity. Insurers also need to better understand their clients’ risks and supply chains to keep up with this changing landscape.
The sharp increase in payouts signals a warning for UK businesses. Without action, the current losses could be just the beginning of a costly period ahead. Companies are urged to regularly review risks, strengthen oversight of partners, and build a strong security culture to avoid getting caught out by the next wave of cyber threats.