Cyber insurance
Cybersecurity statistics about cyber insurance
Showing 101-120 of 162 results
2010–2017: 62.3% of large cyber losses came from other causes, 37.7% came from data breaches, and ransomware caused 0.0% of major losses. At this stage, ransomware claims were rare, and most large claims stemmed from breaches and miscellaneous incidents.
Average initial ransom demand (based on all cases with ransom demand) in 2022: $21.46 million.
The average duration business operations were affected by ransomware in technology was 57 days.
In 35.7% of data breach cases prior to 2019, the company’s own IT team or outsourced service providers detected the attack.
For data breach cases where the attacker was detected by a third-party, it took an average of 136 days to notice the attacker prior 2019.
The average duration business operations were affected by ransomware in other industries was 44 days.
The average cost of an individual ransomware attack rose by 17% in the first half of 2025.
Financially motivated social engineering, particularly tailored attacks enhanced by AI-powered phishing content, fuelled a disproportionate share of incurred losses (88%).
Between 2019 and 2023, financial services experienced large losses primarily from data breaches (40.9%) and ransomware (40.9%), followed by other causes (18.2%).
Between 2019 and 2023, technology experienced large losses primarily from other causes (38.0%), followed by ransomware (32.0%) and data breaches (30.0%).
Healthcare experienced extortion demands as high as $4 million.
Healthcare, retail, and manufacturing remained the most targeted sectors.
In 2019, victims paid on average 56.9% of the initial ransom demand.
Before 2023, 62.8% of backups were affected by ransomware.
Before 2023, 37.2% of backups were not affected by ransomware.
In 2023, organizations took an average of 32 days to restore operations after a ransomware attack.
In 2023, only 11.1% of backups were affected by ransomware.
For data breach cases where the attacker was detected by internal IT staff or an outsourced cybersecurity provider (OCP), it took an average of 61 days to notice the attacker prior 2019.
The average duration business operations were affected by ransomware in professional services was 85 days.
Businesses typically required around two full months to restore operations following a ransomware attack.