Claim frequency rose 7% year-over-year to the highest rate At-Bay has recorded since 2021.

In 2025, one in three ransomware claims triggered business interruption coverage.

The single largest fraud loss in 2025 hit $9.7M.

Average claim severity climbed to an all-time high of $221K.

Two-thirds of Akira attacks in 2025 occurred on nights or weekends.

The largest single business interruption claim hit $5M, the policy limit.

32% of healthcare and manufacturing organizations cite cyber insurance requirements as a direct business driver for pursuing microsegmentation.

Ransomware claims that triggered business interruption coverage averaged $510K in severity, compared to $168K for ransomware claims without business interruption.

Financial fraud was the most common incident type for the third consecutive year, accounting for 30% of all claims.

Roughly one in 10 ransomware incidents caused downtime exceeding 30 days.

Third-party liability claims jumped 70% in 2025.

Akira, a Ransomware-as-a-Service operation that has run since 2023, drove a 53% increase in ransomware frequency in the second half of 2025.

Companies with under $25M in revenue saw a 26% increase in average claim severity, the steepest jump of any segment and part of a three-year upward trend.

The average amount stolen reached $285K, up 16% from the prior year and up significantly from $199K in 2023.

Funds Transfer Fraud was the second-most common cyber event, accounting for 27% of claims.

Dual-extortion ransomware accounted for 70% of all ransomware claims in 2025.

Nearly half of healthcare leaders say their cyber insurance carrier requested specific controls during renewal or underwriting in the last two years.

Overall global claims frequency rose 3% year-over-year in 2025.

Global claims severity decreased 19% year-over-year in 2025 to an average loss of $116,000.

27% of SMBs lack cyber insurance.