A recent report by Marsh McLennan highlights the significant trends in UK cyber insurance claims, revealing a 20% decrease in claims from 2023 to 2024, although the number is still one-third higher than in 2020, 2021, and 2022.
The report, titled “2024 UK Cyber Insurance Claims Trend Report,” offers a detailed analysis of the evolving cyber risk landscape and the associated challenges. It draws on an analysis of cyber claims submitted by Marsh UK clients.
Despite the overall decline in claims, activity levels in Q3 of 2024 were the second-highest since 2020, marking a 14% increase from the same period in 2023. This spike was partly attributed to a global disruption caused by a CrowdStrike software update on July 19, 2024.
The report indicates that while ransomware claims in 2024 dropped by 31% compared to 2023, they were still double the total amounts recorded in 2020, 2021, and 2022. Marsh attributes the decline to increased law enforcement activities, stricter global sanctions on cybercrime, and a reduction in the number of organizations opting to pay ransoms. Additionally, improvements in cybersecurity measures and earlier detection of threat actors have contributed to this decline.
Ransomware remains the leading cause of cyber losses, accounting for 28% of total claims. Data breaches, both external and accidental, followed at 17%, with system infiltration (excluding ransomware and data breaches) accounting for 7%.
Helen Nuttall, Head of Cyber Event Management at Marsh UK, commented on the findings, stating that UK cyber insurance claims remain high due to cyber attackers exploiting supply chains, AI intrusions, and a range of widespread non-malicious events. These incidents highlight the persistence of threats, especially as claims continue to stem from numerous smaller incidents rather than any single systemic event.
Holly Waszak, Head of Cyber Claims Advocacy at Marsh UK, added that while cyber claims data for the UK remains concerning, there is clear evidence that improving cybersecurity maturity is having a positive impact on claims activity. She emphasized that UK clients must continue to enhance their response capabilities and resilience, adopting an enterprise-wide approach to strengthening cyber defenses.
Related Topics:
Who Obtains the Insurance Certificate in a Group Insurance Policy?
