Resilience

Vendor-driven cyber insurance claims notifications fell from 37% to 26% of all claims, representing a 30% drop.

Healthcare, retail, and manufacturing remained the most targeted sectors.

Despite a drop in notifications, vendor-related claims still accounted for 15% of incurred losses estimated so far in 2025.

Manufacturing faced several ransomware incidents, generating cyber insurance claims averaging over $1 million in severity.

Financially motivated social engineering, particularly tailored attacks enhanced by AI-powered phishing content, fuelled a disproportionate share of incurred losses (88%).

The average cost of an individual ransomware attack rose by 17% in the first half of 2025.

Healthcare experienced extortion demands as high as $4 million.

Healthcare, retail, and manufacturing remained the most targeted sectors.

Third-party risks accounted for 31% of all client insurance claims and 23% of material losses in 2024. In 2023, no third-party claims led to material losses for Resilience clients.

62% of insurance claims with losses were related to ransomware.

Ransomware attacks targeting vendors made up 42% of the third-party insurance claims, with losses from these incidents rising four-fold compared to 2023.

Ransomware targeting vendors contributed to 18% of material insurance claims.

First-party ransomware incidents made up 44% of client’s material insurance claims.

Vendor security failings accounted for 4% of all material insurance claims.

Transfer fraud claims made up 18% of insurance claims in 2024, compared to 14% in 2023.

Phishing-related cyber incidents made up 9% of incurred claims in 2024, a 55% fall compared to 2023.