London | 7 May, 2025
According to new research by Marsh, the world’s leading insurance broker and risk advisor and a business of Marsh McLennan (NYSE: MMC), UK cyber claims decreased by 20% in 2024 following a spike in 2023 but remained approximately one-third higher than 2020, 2021, and 2022.
Marsh’s paper, UK Cyber Insurance Claims Trend Report 2024, provides comprehensive insights into current trends and challenges resulting from the evolving cyber risk landscape, and is based on an analysis of cyber claims submitted by Marsh UK clients.
Despite an overall drop in submitted claims, Q3 2024 experienced the second-highest level of activity recorded since 2020, rising 14% on Q3 2023. This sharp increase was partially due to the global outage caused by the CrowdStrike software update on 19 July 2024.
According to the report, while ransomware claims in 2024 declined by 31% on 2023 – which was marked by a sharp increase in the wake of the MOVEit data breach – it remained approximately double the totals recorded for 2020, 2021, and 2022. Marsh attributes the decline in UK ransomware claims to the increase in law enforcement activity, stricter global sanctions relating to cybercrime, and a fall in the number of organisations opting to pay ransoms when targeted. The decline is also linked to improved cybersecurity measures, earlier detection of threat actors prior to encryption, and organisations being less concerned about being publicly identified as ransomware victims.
Although the amounts paid by UK ransomware victims continued to rise in 2024, extortion negotiations involving ransomware experts remained generally effective, often resulting in reductions of over 60% from the initial demands to the final payment.
According to the report, extortion – including ransomware – was the primary cause of cyber losses accounting for 28% of claims, followed by data breaches – including both hostile and accidental external breaches, but excluding extortion – at 17%, and system infiltration (excluding extortion and data breach) at 7%.
Commenting on the findings, Helen Nuttall, UK Head of Cyber Incident Management, Marsh, said: “UK cyber insurance claims remain consistently high as cyber attackers increasingly exploit supply chains, AI-enabled intrusions, and widespread non-malicious events to breach cyber defences. These figures underline the persistent nature of the threat, particularly as claims activity stemmed from numerous small events rather than any single systemic event in the UK.”
Holly Waszak, UK Head of Cyber Claims Advocacy, Marsh, added: “Although the UK cyber claims data remains concerning, there is clear evidence that increasing cybersecurity maturity is having a positive impact on claims activity. It is imperative that UK clients continue to bolster their response capabilities and overall adaptability, adopting an enterprise-wide approach to building their cyber resilience.”
