Initial ransom demands rose 47% in 2025, yet 86% of businesses did not pay, according to data from Coalition. Ransomware was the costliest type of claim, with an average loss of £202,000, while business email compromise and funds transfer fraud accounted for 58% of cyber incidents. Among FTF claims, 52% originated from BEC.

Rob Jones, Coalition’s global head of claims said: “The data suggests a turning point in the economics of ransomware: while threat actors escalate their demands to push for higher, seven-figure payouts, cyber insurer support is helping businesses limit losses and is starting to help tip the scales back in favour of defenders.”

The 2026 Cyber Claims Report, based on data from more than 100,000 policyholders across the US, Canada, the UK, Australia and Germany, shows overall claims frequency rose 3% while severity fell 19% to £87,000. Dual extortion ransomware accounted for 70% of ransomware claims, and attacks involving data theft were more than twice as costly. Businesses with revenue over £100m faced claims five times more often than smaller organisations, though severity fell 7% to £201,700.

---