The average ransom demand in the latter half of 2024 fell below $1 million for the first time in more than two years.

BEC claims severity increased by 23% in 2024.

22% of employees have unrestricted access to public GenAI.

60% of IT teams are unaware of employee interactions with GenAI.

UK cyber claims in 2024 decreased by 20% compared to the spike seen in 2023.

Despite the 20% decrease from 2023, UK cyber claims in 2024 remained approximately one-third higher than the totals recorded for 2020, 2021, and 2022.

Black Basta accounted for just 3% of all ransomware claims in 2024.

The average total IT security budget for U.S. enterprises is $1.77 million.

70% of organizations use AI for response and recovery.

In multi-vector DDoS attacks, threat actors rotate between protocols every 30–60 seconds.

89% of organizations use AI to understand threats better.

58% of respondents view external threats (like malicious actors and state-affiliated groups) as more significant than internal threats (42%).

Nearly 20% of data breach victims were U.S. organizations.

76% of CISOs reported a significant impact following a breach.

2.9 billion unique sets of compromised credentials identified in 2024. This is an increase from 2.2 billion in 2023.

Looking at specific periods, Q3 2024 experienced the second-highest level of activity in cyber claims recorded since 2020. Activity in Q3 2024 rose 14% on Q3 2023.

Ransomware cyber insurance claims frequency decreased by 3%.

Ransomware claims severity decreased by 7% YoY.

FTF (funds transfer fraud) claims severity decreased by 46% YoY. This sharp decline followed an all-time high in 2023.

85% of organizations use AI for threat detection.