UK cyber insurance claims in 2024 down YOY but still up on earlier years: Marsh

Posted on | Posted on Admin

Cyber claims in the United Kingdom decreased by 20% in 2024 following a spike in 2023, although they remain around one-third higher than in 2020, 2021, and 2022, according to new research by Marsh, the insurance broking and risk advisor arm of Marsh McLennan.

marsh-logo-newMarsh’s paper, “UK Cyber Insurance Claims Trend Report 2024,” analyses cyber claims submitted by Marsh UK clients, and reveals that although overall claim volumes declined compared to 2023, the third quarter of 2024 saw a 14% surge—marking the second-highest quarterly activity level since 2020.

This sharp increase is attributed to the global outage caused by the CrowdStrike software update on July 19th, 2024.

While the MOVEit data breach in 2023 triggered a notable spike in claims, total volumes in 2024 still remained roughly twice as high as the annual figures reported in 2020, 2021, and 2022.

However, on a positive note, ransomware claims in 2024 have declined by 31% compared to 2023. Marsh attributes this decline to the increase in law enforcement activity, stricter global sanctions relating to cybercrime, and a fall in the number of organisations opting to pay ransoms when targeted.

Download free catastrophe bond market reports from Artemis

The broker explained this decline is also linked to improved cybersecurity measures, earlier detection of threat actors prior to encryption, and organisations being less concerned about being publicly identified as ransomware victims.

Although the amounts paid by UK ransomware victims continued to rise in 2024, extortion negotiations involving ransomware experts remained generally effective, often resulting in reductions of over 60% from the initial demands to the final payment.

A breakdown shows that extortion, including ransomware, was the primary cause of cyber losses, accounting for 28% of claims, followed by data breaches, which include hostile and accidental external breaches, but excluding extortion, at 17%, and system infiltration (excluding extortion and data breach) at 7%, Marsh explains.

Helen Nuttall, UK Head of Cyber Incident Management, Marsh, commented, “UK cyber insurance claims remain consistently high as cyber attackers increasingly exploit supply chains, AI-enabled intrusions, and several widespread non-malicious events to breach cyber defences. These figures underline the persistent nature of the threat, particularly as claims activity stemmed from numerous small events rather than any single systemic event in the UK.”

Holly Waszak, UK Head of Cyber Claims Advocacy, Marsh, added, “Although the UK cyber claims data remains concerning, there is clear evidence that increasing cybersecurity maturity is having a positive impact on claims activity. It is imperative that UK clients continue to bolster their response capabilities and overall adaptability, adopting an enterprise-wide approach to building their cyber resilience.”

The post UK cyber insurance claims in 2024 down YOY but still up on earlier years: Marsh appeared first on ReinsuranceNe.ws.

Leave a Reply

Your email address will not be published. Required fields are marked *