Malware and ransomware alone accounted for 51% of all successful claims in 2024

The insurance industry paid out nearly £200 million to UK businesses in cyber insurance claims last year, revealing a massive rise in the scale and impact of digital attacks.
The Association of British Insurers (ABI) reported that insurers paid £197 million in 2024 to help organisations recover from cyber incidents: more than 2.3 times the £59 million paid in 2023.
Malware and ransomware alone accounted for 51% of all successful claims in 2024, up sharply from 32% in 2023.
The ABI said this shift underscores how quickly cybercriminals’ tactics are evolving, and how much more damage modern attacks are inflicting on businesses of all sizes.
Demand for cyber cover also rose significantly. UK organisations purchased 17% more cyber insurance policies in 2024 compared with the previous year, a sign that businesses are increasingly treating cyber protection as essential rather than optional.
The 2024 figures do not include the wave of high-profile digital heists that hit major UK firms early in 2025. Those incidents suggest that payouts could surge even further in next year’s analysis.
“Cyber insurance is more than just a financial safety net,” said Jonathan Fong, head of general insurance policy at the ABI.
“The right policy not only supports businesses in the aftermath of an incident but can also help prevent attacks through access to expert advice, threat monitoring and incident response planning.”
Marks & Spencer, one of the companies worst affected by the retail cyberattacks in the spring, recently told investors that it has made a maximum £100 million claim on its cyber insurance policy after a major breach.
Other companies struck by attacks this year were less fortunate.
The Co-op confirmed that it lacked comprehensive cyber cover when it suffered an attack in April, and will receive no meaningful insurance support as a result.
Jaguar Land Rover also apparently had no cyber policy in place during its own incident. The government ultimately intervened with a support package to help JLR and its supply chain recover.
Debates intensify over insurers’ role
Cyber insurers have long been a controversial part of the security ecosystem.
The effectiveness and responsibilities of cyber insurers were central themes at the UK National Cyber Security Centre’s annual CYBERUK conference earlier this year.
Experts broadly agreed that cyber insurance plays a constructive role in improving security standards, pointing to insurers’ longstanding expertise in risk assessment and access to cutting-edge threat intelligence.
If businesses cannot meet insurers’ baseline protection requirements, experts noted, they simply do not qualify for coverage.
But others worry that the industry may be inadvertently incentivising ransom payments.
Anne Neuberger, the White House’s lead on cyber issues under the Biden administration, argued last year for banning insurers from covering ransom payments altogether, asserting that coverage can fuel criminal operations.
Google Cloud’s head of business risk and insurance, Monica Shokrai, countered that removing ransom coverage may have limited impact, especially for large corporations where ransom costs are often small compared to massive business interruption losses.
“I’m not convinced that banning the ransom from being paid by cyber insurance policies will remediate the issue,” she said.
“If larger companies continue to pay the ransom despite insurance not covering it, the impact of a ban on the insurance coverage becomes less meaningful,” she added.
The UK government is currently considering a proposal to ban public sector organisations from paying ransoms.
