Khozinul/AdobeStock

ALLIANZCOMMERCIAL

Cybersecurityresilience2025

Claimsandriskmanagementtrends

commercial.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

MelindaNagy/AdobeStock

2

commercial.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

Contents

Page4

Executivesummary

Page8

Claimsandlosstrends

Page9

Cyberinsuredstakebackcontrolandgainmomentum

againstattackers,butchallengesremain

Page11

Ransomwaremigratestomid-sizedandlesswell-

protectedfirmsasthreatactorsadapttohardened

cybersecurity

Page12

Dataexfiltrationranksastoplossdriver

Page13

Theriseofsocialengineering–threatactorstarget

employeesastheweakestlink

Page14

Keystothekingdom:Credentialsovertakemalware

Page15

AIdrivingmoreeffectivesocialengineeringand

malware

Page16

Retailersbecomingthemosttargetedsector

Page17

CBI/supplychainemergesasakeythreat

Page18

Expandingrisklandscapedrives

non-attacklosses

Page19

Techfailureandoutagesmakefirstlargeclaims

appearance

Page20

Privacyregulationandlitigationcontinuestodevelop

Page22

Detection,responseandtraining

Page23

Reducingthecostofaclaim

Page25

Wideninggap:Insuredsgrowmoreresilient

Page26

Bepreparedwithtabletopexercises

Page27

RansomwareattackshighlightneedforBIworkarounds

Page28

ThetransformativepowerofAI-powereddetection

Page29

Regulationsettoraisethecyberresiliencybar

Page30

Insurancemarkettrends

3

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

commercial.

4

Executivesummary

Thecyberriskandinsurancelandscapein2025revealsacomplexandevolving

threatenvironmentwhereinsuredcompaniesarebecomingincreasinglyresilient

againstattackswithstrengtheningofcybersecurityandpreparednessandresponsecapabilitieshelpingtomitigatetheimpactoflargecyberlossesin2025todate.

However,therelianceondigitalsupplychains,impactofexpandingprivacyregulation,andmoresophisticatedsocialengineeringattackstargetingemployeesarebroadeningthescopeofpotentiallosses.

Claimsandlosstrends

AnalysisofAllianzCommercialcyberclaimsshowsthe

overallfrequencyofnotificationsduring1H,2025was

inlinewithayearearlier(around300claims),aftera

significantyear-on-yearincreaseduring2023comparedwith2022.Overallclaimsseverityhasdeclinedbymore

than50%during1H,2025whilethefrequencyoflarge

lossclaims(>€1mn)isdownaround30%.However,the

risklandscapeisexpandingbeyonddirectcyber-attacks.Inthisyear’sreport,contingentbusinessinterruption,

technologyfailuresandprivacylitigationemergeasmainsourcesoflosses–incidentssuchaswrongfulcollectionorprocessingofdata,andoutagesaccountedforarecord28%ofthevalueoflargeclaimsin2024.

Ransomwareshiftstomid-sizedandlesswell-protectedfirms

Ransomwareremainsthebiggestdriverofcyberinsuranceclaimsanalyzedbyfrequencyandvalue,accountingfor

around60%ofthevalueoflargeclaims(>€1mn)during

1H,2025.High-profileattacksacrossmanyindustries

underscoreongoingthreats,althoughtherearesigns

internationalco-ordinationbylawenforcementagenciesandthestrengtheningofcybersecuritybylargecorporatesishavingapositiveimpact.Yetransomwaregroups

continuetogrowinnumber–a50%increaseduring1H,2024alone–andsophistication,adoptingtacticsand

leveragingartificialintelligence(AI)totargetweaknessesincybersecurity,namelyemployeesandsuppliers.

Attackersarealsoshiftingfocusfromwell-protectedlargecorporations,particularlyintheUSandEurope,wherethebarforasuccessfulattackisnowmuchhigher,tomid-

sizedandsmallerfirms,whicharelessresilient,aswellasfirmsinotherterritories,suchasinAsiaorLatinAmerica.Ransomwarewasinvolvedin88%ofdatabreaches

atsmallandmediumfirmscomparedto39%atlarge

firms,accordingtoVerizon,whilecyberincidentsalso

ranksasthetopriskforsmallercompaniesinthe

Allianz

RiskBarometer

.

Artem/AdobeStock

Dataexfiltrationatoplossdriver

Aslargecompanieshaveimprovedtheirresponse

capabilities,recentyearshaveseenashiftfrompurely

extortion-basedransomwareattackstodoubleextortion

includingdataexfiltration–40%ofthevalueoflargecyberclaims(>€1mn)during1H,2025includeddatatheft,upfrom25%inthewholeof2024.Lossesinvolvingdataexfiltrationweremorethandoublethevalueofthosewithout.

commercial.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

Dataexfiltrationiseasierandfasterforattackersthanencryptionandincreasesthelikelihoodofransom

payments.Theaverageglobaldatabreachcosthitarecordhigh(almostUS$5mn)in2024,drivenbyfactorssuchastheimpactofstricterdataprivacyregulation.

Meanwhile,encryptionratesinattacksfelltotheirlowestlevelinsixyears.

terovesalainen/AdobeStock

Theriseofsophisticatedsocialengineeringandcredential-basedattacks

Recentcyber-attacksdisplaycommontactics,includingusingsophisticatedsocialengineeringandcompromisedcredentialstoaccessnetworks,suchasimpersonating

anemployeelockedoutofanITsystem.ManyattacksalsoleveragesuppliersorITsupplychainstoaccess

sensitiveinformation.Approximately60%ofbreachesin2024involvedahumanelement,withthird-party

involvementdoublingto30%,accordingtoVerizon.

Attackersincreasinglyusecompromisedaccesscredentialsobtainedviaphishingorsoldonthedarknet,withasurgeinspecialist“brokers”operatinginthisspace.

ScatteredSpider,ahackinggroupbehindrecentattacksagainstcasinos,retailers,airlines,andinsurers,hasusedcompromisedaccesscredentialsandsocialengineeringandphishingtacticstogainaccesstoanorganization’s

systemsrapidly.Morethan10attackswereattributedtothegroupduring1H,2025.Credential-basedintrusions

nowoutpacemalware-basedattacks,with80%ofattacksinthepastyearmalware-free,comparedto40%in2019,accordingtocybersecurityfirmCrowdStrike.GenerativeAIishavinganotableimpact,helpingthreatactorscreatemoreconvincingsocialengineering,andphishingemailsandcalls(vishing).

Manufacturers,professionalservices,andretailersmostimpactedsectors

Retailerstopthelistofindustriesattackedduring1H,2025andarethethirdmostimpactedsectorbycyberincidents,behindmanufacturingandprofessionalservices,accordingtoanalysisoflargecyberclaims(>€1mn)since2020.

Companiesinthemanufacturingsectoraccountedfor33%oftheseclaimsbyvalue,followedbyprofessionalservices/consultingfirms(18%),andretailcompanies(9%).

Retailersoftenhavehighrevenues,handlelarge

volumesofpersonaldata,andarevulnerabletobusinessinterruption,whichallprovideleveragewhenmaking

extortiondemands.Theyalsotendtohavelargenumbersofstaff,suppliersandITsystems,whichcreateawide

attacksurface,whilecybersecurityistypicallylessadvancedthansectorslikebanking.

Supplychaindependencyrisks

TheemergenceofclaimsrelatedtogrowingdependenciesofITsupplychainsisakeyemergingtrend.Contingent

businessinterruption(CBI)supplychaineventsaccountedfor15%oflargecyberclaims(>€1mn)byvaluein1H,

2025,comparedwith6%in2024,accordingtoAllianz

Commercialanalysis.Suchlossescanresultfromboth

attacksandtechnicalfaults,causingdisruptiontoa

criticalservicesuchassoftwareorcloudservices.Cloud

intrusionsincreased136%in1H,2025comparedtoallof

2024,accordingtoCrowdStrike.Disruptioncanalsoextendtophysicalproductsifaninsured’ssupplierisunableto

delivergoodsrequiredforproduction,whileincidentscanalsoresultinadatabreach.

5

Althoughmanycompanieshaveimprovedtheirowncybersecuritycontrols,theriskofbreachesattheirITsuppliersandpartnersishardertocontrol.Vendorsneedtobewellmanagedfromacontractualperspective,butalsoaroundaccesscontrol,monitoringandauditsofsuppliers.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

commercial.

6

aznan/AdobeStockrookielion/AdobeStock

Non-attackincidentsbroadenthescopeofpotentiallosses

Attack-drivenlossescontinuetodrivecyberinsurance

claims,butlossesfromeventssuchastechnicalfaults

anddataprivacyliabilityareaccountingforagreater

proportionthanpreviously–arecord28%ofthevalueoflargeclaims(>€1mn)analyzedduring2024.

BusinessinterruptionduetotechnicalfailurewaspresentforthefirsttimeinAllianzCommercial’slargelossclaimsdatain2024,accountingforaround10%byvalue,inpartduetooneofthelargestoutagesinhistoryatCrowdStrike.Suchoutagescanresultfromtechnicalglitchesor

humanerror.

Privacyregulationandlitigationcontinuestodevelop

Databreachesandprivacyactionsrelatingtowrongfulcollectionandprocessingofdata,forexample,have

increasedinrecentyears,accountingforarecord18%oflargeclaims(>€1mn)byvalueanalyzedin2024,tripletheshareofthreeyearsearlier.

Meanwhile,during1H,2025,technology/media

professionalindemnityclaimsaccountedforaquarteroflargecyberclaimsbyvalue,upfrom21%in2024.Many

areforlegalactionsagainsttechnologycompaniesrelatedtoserviceperformance,technicalfailings,andalleged

breachesofprivacyregulationsandrequirements,butcanresultfromattackstoo.

Recentyearshaveseenasignificantriseinclassactions

relatedtobreachesofdataprivacylaws.Litigation

reachedunprecedentedlevelsin2024,withsome1,500

dataprivacyactionsfiledintheUSalone.Compliancewithdiverseandchangingprivacyregulationsisasignificant

challengeforcompanies,especiallywithadvancesintechnologysuchasAIandbiometrics.AIsystemscouldfacilitatebreachofprivacyregulationthroughunauthorizedcollection/useofdata.

kaliel/AdobeStock

Detection,response,andtraining–helpingtoreducethecostofclaims

Recentcyber-attackshavedemonstratedthevalueof

effectivecyberhygiene,earlydetection,andincident

responsecapabilitiesandtheirrolesinreducingpotentialclaimcosts.Analysisshowsinover80%oflargeclaims,

insureds’decisionssignificantlyinfluencedlosssize,withmanyincidentspreventablethroughbasiccontrolssuch

aspatching,segmentation,backups,andmulti-factor

authentication(MFA).Detectionandresponsecapabilitiescanreduceclaimcostsbyafactorof1,000andtheir

importanceisreflectedintheforecastedgrowthoftheglobalmanageddetectionandresponse(MDR)market,expectedtoquadrupleinsizeoverthenextdecade.

commercial.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

Seventyfour/AdobeStock

Wideninggap:insuredsgrowmoreresilient

Thestabletrendinoverallcyberclaimsfrequencysofarthisyear(2025)standsincontrasttothewiderthreat

landscape.LastyearsawanewrecordforinternetcrimelossesreportedtotheFBI’sInternetCrimeComplaint

Center(IC3)–US$16.6bn.

Thecyber-resiliencegapbetweenuninsuredandinsuredorganizationsiswidening.Forexample,inGermany,

insuranceindustryfiguresshowthatthelossimpactofcyberinsuredsincreasedbyaround70%overfouryears,wellbelowthe250%increaseintheeconomicimpactofcybercrimeduringthesameperiod.

Thisresiliencegapreflectscyberinsurancepolicyholders’heightenedawarenessofriskandtheiractionstomitigateit,manyofwhichareaconditionofobtaininginsurance.Italsoreflectstheeffectivenessofriskpreventionservicesandadviceandincidentresponseassistanceprovidedbyinsurers.Regulartabletopexercisesandpreparedness

trainingcanimproveresponseeffectiveness,minimizingbusinessinterruption,whichaccountsforover50%of

cyberclaimvalues.Businessinterruptionlossesare

closelycorelatedtoearlydetectionandcontainment

andincidentresponse,andbusinesscontinuityplanningwillsignificantlyreducecosts.Conversely,weak

communication,coordinationandindecisioncanprolongtheimpactofanevent.

narin_nonthamand/AdobeStock

ThetransformativepotentialofAI-powereddetection

AIisahottopicamonginsureds,asorganizations

comeundercompetitivepressuretoadoptAItools

inanevolvingregulatoryenvironment.Attackersare

usingAItoautomateandscaleransomwareattacks,

developsophisticatedmalware,andcraftconvincing

phishingcampaigns.AtthesametimeAIishelpingto

transformcybersecurity,speedingupandautomatingthreatdetectionandresponse,andincreasingcompany

resilience.Onaverage,organizationsthatusedAIand

automationinpreventionsavedUS$2.2mninbreachcosts,versusthosethatdidnot,accordingtoIBM.

Regulationwillraisetheresiliencebar

NewregulationsliketheEU’sDigitalOperational

ResilienceAct(DORA)andtheNetworkandInformation

SecurityDirective(NIS2)aimtoraisecybersecurity

standardsacrosscriticalsectors,includingsupplychains.

Theseframeworkswillrequireenhancedriskmanagement,incidentreporting,andresiliencetesting,particularly

benefitingmid-sizedcompaniescurrentlyunderpreparedforsuchrequirements.

Insurancemarketoutlook

Whilecyberinsuredshavemadesignificantstridesin

mitigatinglargecyberlossesthroughimprovedsecurityandpreparedness,theevolvingthreatlandscapeandregulatorypressurerequiresongoingvigilanceandinvestment.Cyberinsuranceremainsacrucialcomponentinmanagingtheserisks,providingbothfinancialprotectionandaccessto

expertisethatenhancesoverallcyberresilience.Theglobalcyberinsurancemarketisexpectedtomorethandouble

tonearlyUS$30bnbytheendofthedecade,drivenby

increasingdigitalizationandgrowingawareness.Despiterelativelylowpenetration,demandisrising,especially

7

amongmid-sizedfirmsandregionswithahistoricallylowuptake.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

commercial.

8

Claimsandlosstrends

Spirit/AdobeStock

commercial.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

CLAIMSANDLOSSTRENDS

Cyberinsuredstakebackcontrolandgainmomentumagainst

attackers,butchallengesremain

Strengtheningofcybersecurityandpreparednessandresponsecapabilitiesbyinsuredcompaniesisshowingencouragingsignsofpayingoff,helpingtomitigatetheimpactoflargecyberlossesin2025todate.

AnalysisofAllianzcyber,technologyerrorsandomissionsand

mediaclaimsshowsthattheoverallfrequencyofnotificationsinthefirsthalfof2025wasinlinewithactivityayearearlierduring1H,2024(around300claims),afterasignificantyear-on-year

increaseinfrequencyduring2023comparedwith2022.Overallclaimsseverityhasdeclinedbymorethan50%during1H,2025whilethefrequencyoflargelossclaims(>€1mn)isdownby

around30%.

“Thepositivetrendweseesofarin2025,particularlywithregardstolargecyberclaimsactivity,islikelytheresultofinsureds’

cumulativeinvestmentsincybersecurity,detectionandresponse,aswellastrendsinransomwareattacks,whichtendtofavorthosecompanieswhicharewell-protectedandprepared,”saysMichaelDaum,GlobalHeadofCyberClaims,AllianzCommercial.

“Anumberofransomwareeventshavehittheheadlinesthis

year,butoverall,weseethatinsuredlossesfromtheseattackshavedeclinedin2025todate.Insureds’increaseddetection

andresponsecapabilitiesarehelpingtostopattacksatanearlystage.Everystepanattackerprogresses,andeveryminutethattheyareinthesystem,theimpactgoesupexponentially.The

costofaransomwareattackthatprogressestodatatheftandencryptioncanbe1,000timeshigherthananincidentthatisdetectedandcontainedearly.”

However,atthesametime,anexpandingrisklandscapeis

broadeningthepotentialscopeoflossesforcompanies,withnon-attackincidents,suchaswrongfulcollectionandprocessingofdata,aswellastechnicalfailure,havingaccountedforarecord28%of

largeclaimsbyvalueduring2024.Andwhileransomwareremainsthetoplossdriverofallclaimsanalysed,organizationscontinuetofacenewchallengesandthreatsinthecyberspace,suchastheir

growingrelianceondigitalsupplychains,theimpactofexpandingprivacyregulation,andtheincreasingnumberofsocialengineeringattackswhicharetargetingtheweakestlinkinanywell-protectedcompany–theemployee.

Atthesametime,an

expandingrisk

landscapeisbroadeningthepotentialscopeof

9

lossesforcompanies

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

commercial.

Cyberclaimsanalysis:Expandingrisklandscapevisible–incidentsbylosscategory

By%shareoftotalclaimsvalue–largeclaimsonly(>€1mn)

2025(6M)

41%19%15%25%

2024

20%

25%

6%10%18%21%

2023

32%39%15%14%

2022

37%29%8%7%19%

2021

42%37%6%15%

KEY

Attack-drivenlosses(withdataexfiltration)Businessinterruptionduetotechnicalfailure

Contingentbusinessinterruption(CBI)/supplychain)

Attack-drivenlosses(withoutdataexfiltration)Non-attackdatabreaches(e.g.,wrongfulcollectionandprocessingofdata)

Tech/mediaprofessionalindemnity(e.g.,legalactionsrelatedtoserviceperformanceetc.)

Source:AllianzCommercial.Largeclaimsanalysisonly(>€1mn)between2021and2025(6M)withatotalvalueinthedatasetinexcessof€400mn

Trends

↑Shareoftech/mediaprofessionalindemnitylossesincreasing

↑Non-attackdatabreachlosses,drivenbywrongfulcollection/processingofpersonaldata,haveriseninrecentyearsbutnotseenyetduring1H,2025

↑Businessinterruptionduetotechnicalfailurepresentforthefirsttimein2024,notonlyCrowdStrikedriven

↑Contingentbusinessinterruptionextensionscoveringsupplychainrisksresurfacedin2024

↓Shareofattack-drivenlosseshasdeclinedovertime–from80%+in2021

10

commercial.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

CLAIMSANDLOSSTRENDS

Ransomwaremigratestomid-sized

andlesswell-protectedfirmsasthreatactorsadapttohardenedcybersecurity

Ransomwareremainsthebiggestdriverforcyber

insuranceclaimsbyfrequencyandlossvalue.Attack-

drivenlossesaccountedforaround60%ofthevalueof

largecyberinsuranceclaims(>€1mn)analyzedbyAllianzCommercialduring1H,2025.

Thisyearhasseenaseriesofdisruptivecyber-attacks

againstretailersinEuropeandtheUS,includingMarks

&Spencer,Co-opandUnitedNaturalFoods.InJuly,

AustralianairlineQantas

1

confirmedthatthedataofuptosixmillioncustomersmayhavebeencompromisedinacyber-attack.

Whiletheransomwarethreatshowslittleindicationof

abating,therearesignsthatinternationalco-ordinationbylawenforcementagenciesandthestrengtheningofcybersecuritybylargecorporatesishavinganeffectoncyber

insuranceclaims.

Inearly2024,theoperationsoftwoleadingransomware-as-a-service(RaaS)groups–LockBitandNoberus–weredisruptedbyaninternationallawenforcementoperation.

InJuly2025,theUK’sNationalCrimeAgency

2

arrested

fourpeople(agedbetween19and20)inconnectionwithcyberattacksagainstUKretailersin2025,whichwerereportedlycarriedoutbyransomwareaffiliateScatteredSpider.

WhatisRaaS?

Ransomware-as-a-service(RaaS)isacybercrimebusinessmodelinwhichransomwaredeveloperssellransomwarecodeor

malwaretootherhackers,called“affiliates”whothenusethecodetoinitiatetheirownransomwareattacks.

However,ransomwareactivityhasalsoreboundedas

attackersandtheiraffiliatesrealignedorwerereplacedbyothergroups,suchasRansomHub(currentlyinactive),Akira,QilinandDragonForce.Cybersecurityfirm

CrowdStrike

3

identified26newcyber-attackgroupsin2024,bringingthetotalnumberitmonitorsto257.

Thenumberofpubliclydisclosedransomwareattacks

brokerecordsinthefirstquarterof2025witha45%

increasecomparedtoQ12024,accordingtoransomware

preventionfirm,BlackFog

4

.

“Thesweetspotforattackersisacompanywithlarge

revenues,lotsofpersonalrecordsandthatiseasyto

penetrate.Butthesetargetsarebecominghardertofind,sotheyaremovingdownthechainwherecompaniesarelesswellprotected,”saysMichaelDaum,GlobalHead

ofCyberClaimsatAllianzCommercial.“Ourincidentresponsepartnersareverybusydealingwithincidents,mostlyinvolvinguninsuredandsmallercompanies.”

Ransomwareisnowdisproportionatelyaffectingmid-

sizedandsmallerorganizations.Accordingtotelecoms

firm,Verizon

5

,ransomwarewasacomponentof88%of

databreachesinvolvingsmallandmedium-sizedfirms,

comparedwith39%ofbreachesatlargefirms.Asurvey

bytheWorldEconomicForum

6

foundthatthenumberofsmallorganizationsthatbelievetheircyberresilienceis

inadequatehasincreasedsevenfoldsince2022,whilethenumberoflargeorganizationsreportinginsufficientcyberresiliencehasnearlyhalved.Cyberincidentsalsoranks

asthetopriskforsmallerandmid-sizedcompaniesinthe

AllianzRiskBarometer

.

“Thebarforasuccessfulattackagainstawell-protectedlargecorporateisnowmuchhigher.Andwhilehackers

willsucceedagainstlargefirmsfromtimetotime,there

hasbeenashiftinsuccessfulattacksawayfromlarge

companiesintheUSandEuropetowardssmallerandmid-sizedfirmsandthoseinotherterritories,suchasAsiaandLatinAmerica,”saysDaum.

11

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

commercial.

CLAIMSANDLOSSTRENDS

Dataexfiltrationranksastoplossdriver

Aslargecompanieshaveimprovedtheirresponse

capabilities,recentyearshaveseenashiftfrompurely

extortion-basedransomwareattackstodoubleextortionincludingdataexfiltration.

Around40%oflargecyberclaim(>€1mn)byvalueduring1H,2025includeddataexfiltration,upon25%forthefullyear2024.Losseswerealsomorethandoublethosefromattack-drivenclaimswithoutdataexfiltration,Allianz

Commercialanalysisshows.

“Wecontinuetoseeashiftinransomwaretowards

dataexfiltration.Itismucheasiertostealdatathanto

encrypt–ittakeslesspreparationandworkonthepartofattackers,”saysCaitlinEwing,ComplexClaimsAnalystatAllianzCommercial.

Databreachwascitedasthemostconcerningcyberriskinthisyear’s

AllianzRiskBarometer

,whiletheaveragecostofaglobalbreachreachedarecordhighatalmostUS$5mn($4.88mn),accordingtothe

IBMCostofaData

Breach2024

7

report.Recentcostincreaseshavebeen

Artem/AdobeStock

drivenbyanumberoffactorsincludingtheimpactofstricterdataprivacyregulation.

Whatisdataexfiltration?

Dataexfiltration,alsoknownasdata

extrusionordataexportation,isdatatheft:theintentional,unauthorized,coverttransferof

datafromacomputerorotherdevice.Itisnowacommonfeatureofransomwareattacksto

increasethechanceofvictimspayingaransom.

Dataencryptionisatthelowestlevelinsixyears,with50%ofattacksnowresultinginthis,downfrom70%in2024,

accordingtocybersecurityfirmSophos

8

.

During2024,telecommunicationscompanyAT&Tsufferedtwobreacheswhichresultedinthedataoftensofmillionsofcustomersandformercustomersbeingfoundina

datasetonthedarkweb

9

.InAugust2025,

itwasreported

10

thatitmayhavetopayindividualsupto$7,500incash

paymentsaspartofa$177mnclassactionsettlementforbothbreaches.

12

commercial.

CYBERSECURITYRESILIENCE2025|ALLIANZCOMMERCIAL

CLAIMSANDLOSSTRENDS

Theriseofsocialengineering–threatactorstargetemployeesastheweakestlink

Recentcyber-attacksdisplayseveralcommonthemes,

includingtheuseofmoresophisticatedsocialengineeringandcompromisedcredentialstogainaccesstoan

organization’snetwork.ManyattacksalsoleveragesuppliersorITsupplychainsasawaytobreachtheotherwiserobustcybersecurityofvictimcompanies.

Around60%ofbreachesin2024involvedahuman

element,accordingtotelecomsfirm,Verizon

11

,while

thenumberthatinvolvedathirdpartydoubledto30%.

Businessemailcompromise(BEC)isthemos