
Cyber security events highlighted the compounded risk stemming from increasing technology interdependencies and how quickly a cyber event can affect organizations. Beinsure analyzed the Aon`s 2025 Global Cyber Risk Report and highlighted the key points.
This report stands alone in its ability help businesses make better cyber risk decisions thanks to the unique way we have drawn together data and interpretation across critical cyber security controls, cyber events and the cyber insurance market —globally and by region.
The World Economic Forum identified supply chain interdependencies as a main factor contributing to the rising complexity of cyberspace in 2025.
A ransomware attack on a major U.S. healthcare payments technology provider compromised the private data of about 190 mn individuals.
A faulty CrowdStrike Cloud software update crashed more than 8.5 mn systems, disrupting global operations for days and affecting commercial flights, hospitals, and financial services. These major incidents drove an increase in cyber insurance claims throughout the year.
Aon’s U.S. Cyber Solutions broking data recorded 1,228 reported incidents among broking clients in 2024, a 22% rise from the previous year, with cyber incidents and litigation accounting for most claims, increasing by 31%.
Despite the disruption caused by systemic cyber events and the rising number of claims, the financial impact on the insurance industry remained limited because of purchasing trends, changes in program structures, and business continuity planning by insured organizations.
Nevertheless, the industry remains vigilant. The past year’s events were close calls that could have been catastrophic and underscored the risks insurers and organizations must address.
Cyber Insurance Market Competition Intensifies
Organizations approached US cyber risk seriously in 2024. Data from Aon’s Cyber Quotient Evaluation (CyQu) platform showed improvements in client risk scores across key domains.
Insurer confidence improved across many sectors as clients focused on addressing critical “red flag” security controls and domains.
In both the U.S. and Canada, the strongest-performing cyber security domain in 2024 was endpoint security, which includes penetration testing, network environment, and network capacity. Application security and third-party security scored lowest among the domains.
U.S. E&O-Cyber Broking Reported Incident



Insurer Confidence Was Restored in Most Industries
Insurer confidence was restored in most industries and on average, U.S. buyers achieved a 7% premium decrease in Q1 2025, while Canadian clients saw a 15% decrease.
Underwriting rigor became more established, and clients made great strides improving critical — or red flag — security controls and domains.
Cyber risk insurance claims rose 22%, while ransomware claims payouts declined 77%. The insurance industry had a strong wake-up call but proved immune to the systemic cyber events of the year.
Payment trends and preparedness placed insureds in a more resilient position despite the continued impact of ransomware. The complexity of supply chain risk persisted, and privacy risk ticked up amid an increasingly litigious environment.
Cyber Attack Technique – Impact
| Cyber Attack Technique | RR Likelihood | Mean SVI* |
|---|---|---|
| Network and System Attacks | 19% | -51% |
| System Exploits | 8% | -31% |
| Human Factors | 12% | -30% |
| Malware | 20% | -28% |
| Unauthorized Access and Credential Attacks | 8% | -25% |
Source: AON
Cyber Insurance and Cyber Control
7% of clients improved the target time for critical patching, moving from more than seven days to three-to-seven days, and noticeable growth was reported in disaster recover/backups and multi-factor authentication (MFA).
6% Improvement YoY Aon Renewal Clients
The Red flags shown are categorized as ‘imperative’ and ‘critical’ as determined by the market conditions – higher criticality weightings are more likely to impact underwriting.
Data for over 1,350 renewal clients in the US. SME ($0-$100M) and Middle-Market ($100M-$2B) account for 78% of the data.
Improvements YoY were noted in:
- 7% of clients improved from target time for critical patching >7 days to 3-7 days
- Disaster Recovery/Backups
- Multi-Factor Authentication (MFA)
FAQ
Major systemic events in 2024–2025 highlighted the growing interdependency of global technology systems. Notable incidents included:
A ransomware attack on a major U.S. healthcare payments provider exposing data of 190 million individuals
A faulty CrowdStrike Cloud software update that crashed over 8.5 million systems globally, disrupting healthcare, aviation, and financial sectors
These events drove a 22% year-over-year rise in cyber insurance claims and emphasized the need for resilience in interconnected systems.
Despite the surge in claims and systemic risk events, the insurance industry remained financially stable due to:
Stronger underwriting standards
Better business continuity planning by clients
More mature purchasing behaviors and risk segmentation
Insurer confidence was notably restored in most industries, supported by improvements in critical cybersecurity domains such as endpoint protection.
According to Aon’s Cyber Quotient Evaluation (CyQu) data, the best-performing domain in 2024 was endpoint security, while application security and third-party/vendor security scored the lowest. Common weaknesses involved patch management, third-party access risks, and inadequate testing protocols.
Improvements were seen in:
Multi-Factor Authentication (MFA)
Backup/Disaster Recovery processes
Patch management times (7% of clients reduced patching windows to 3–7 days)
Intensified competition among insurers led to more favorable pricing. In Q1 2025:
U.S. policyholders saw a 7% average premium decrease
Canadian policyholders benefited from a 15% average decrease
At the same time, ransomware payouts declined by 77%, indicating improved detection, containment, and negotiation strategies by insured clients.
Businesses must monitor several evolving dynamics:
Continued risk from supply chain interdependencies
Increased privacy-related litigation and regulatory scrutiny
Greater emphasis by insurers on red-flag controls (e.g., patching, MFA, disaster recovery)
Exclusions for systemic risks such as cyber warfare and terrorism
Middle-market and SME sectors (under $2 billion in revenue) accounted for 78% of renewal data and showed steady improvements in security posture. Proactive engagement with insurers and commitment to cyber hygiene are becoming critical factors for policy terms and renewal success.
