Congratulations on Your 7% Cyber Risk Win. Now Try Not to Get Held Hostage by Ransomware Tomorrow.


Cyber insurance: it’s like health insurance for your company’s digital soul. And according to Coalition’s most recent we-swear-this-isn’t-just-a-marketing-piece report, 2024 was technically a win—because cyber claims dropped 7%. Huzzah! Break out the sparkling firewalls and encrypted confetti.

But before we start slapping “Mission Accomplished” banners on our server rooms, let’s take a closer look at what this actually means. Because if 2024 was a “win,” then it was the kind where you barely limp across the finish line with your data trailing behind you in a ransomware hacker’s shopping cart.


A Victory Lap for “Active Insurance” (Whatever That Means)

Coalition's Global Head of Claims, Robert Jones, declared that “active insurance works.” Which is a cute way of saying: if you pay attention to your cyber hygiene and don’t treat your email like a digital dumpster, you’re slightly less likely to get mugged online.

Active insurance, in Coalition-speak, is basically cybersecurity with a Fitbit: monitor your behavior, analyze your risks, and hopefully avoid digital diabetes. They’ve built something called an “Active Data Graph,” which sounds like a high-tech way of saying, “We know when you clicked that phishing email, Steve.”

The good news? Claims frequency dipped to 1.48% globally. The bad news? If you’re in the U.S., it’s higher at 1.54%, because freedom isn’t free—and apparently, neither is two-factor authentication.


Ransomware: Still the Alpha of the Apocalypse

Let’s talk about ransomware, because hackers sure are. These guys don’t just want your data—they want you to beg for it. Even though ransomware only made up 20% of claims, it accounted for the lion’s share of the financial carnage.

Average ransomware loss in 2024? A smooth $292,000. That’s the price of a small condo, a college degree, or three hours of decent legal counsel after you’ve told your CEO you lost all the files.

And hey, if you’re in Canada—sorry, eh—ransomware hits extra hard. Average losses there clocked in at $665,000. That’s not a typo. Canada’s politeness does not, apparently, extend to cybercriminals.

The UK, on the other hand, apparently told ransomware to sod off. Their average loss was $82,000. We assume this is because their hackers are too busy watching Love Island or worrying about the price of tea.


BEC and FTF: Still Sounds Like Fake Diseases, Still Screwing You Over

If you’re wondering what the reigning cyber threats were in 2024, the answer is email. Yes, the thing you check 96 times a day and still forget to reply to your boss on. Business Email Compromise (BEC) and Funds Transfer Fraud (FTF) made up 60% of all cyber insurance claims.

In layman’s terms: people still fall for "I need a wire transfer right now, thanks!" emails.

BEC frequency stayed stable at 0.44%, but severity rose 23% to $35,000 per incident. That means the average phishing email is now more effective than your company’s entire HR department.

And FTF? Still a problem. Average losses dipped to $185,000, but that’s like saying the shark bit off your leg, but not your arm too, so we’re counting that as progress.

Also, if you’re in the UK, you got phished more often (0.51% frequency for BEC), but you lost less money. Because British restraint apparently applies even when being digitally robbed.


Miscellaneous First-Party Losses: The Shrimp Cocktail of Cyber Claims

You know it’s bad when “miscellaneous” cyber losses still average $49,000. That’s what we call “the accidental carnage” category: someone clicked something they shouldn’t, the backup failed, and next thing you know the interns are managing crisis PR.

Meanwhile, third-party allegation claims dropped 50% in frequency and 86% in severity—likely because businesses finally realized that suing someone after your system’s on fire is like arguing over the bill while the restaurant collapses.


Sector Breakdown: Guess Who’s Screwed the Most?

Not all industries are created equal in the cybercrime casino. Some are playing penny slots, others are strapped to the roulette wheel.

  • Consumer Staples (2.6% claim frequency): Apparently, cybercriminals are hungry. Or maybe they just like going after companies that make stuff people need, like toothpaste or potato chips.

  • Materials (2.2%) and Industrials (1.64%): Your company might make bolts, but to hackers, you’re just another Bitcoin opportunity.

  • Energy ($262K average loss), Real Estate ($179K), Health Care ($144K): These sectors lost the most money per claim, probably because they touch things that matter—like power grids, mortgages, and your actual body.

If your company’s idea of security is a 12-character password that’s been the same since 2013, you might want to reevaluate.


Size Matters (But Not In The Way You Think)

Coalition’s data shows that big companies bleed more, but small ones bleed easier.

  • Small businesses (<$25M): 1.07% claim frequency, $79,000 per loss. That’s one poorly crafted email away from bankruptcy with sprinkles.

  • Mid-size ($25M–$100M): 3.99% frequency, $139K losses. Basically, you’re just big enough to be interesting to hackers, but not big enough to afford a SWAT team of CISOs.

  • Large orgs (>$100M): 5.97% frequency, and a 21% spike in loss severity to $228,000. Because when big companies go down, they go down like a Netflix docuseries.


"But We Have Antivirus!" = Famous Last Words

Cybersecurity isn’t a product. It’s not a one-time installation, or a Norton pop-up from 2007. It’s a culture, a habit, and occasionally a caffeine-fueled sprint to plug a zero-day exploit before lunch.

Yet most companies still treat cybersecurity like flossing: they know they should, they say they do, but they definitely don’t.

And let’s not even talk about training. If your cyber awareness training is still a 45-minute PowerPoint narrated by someone who sounds like they’re actively being held hostage, you’re part of the problem.


March 2025: The Ransomware Revenge Tour

Just when you thought the cyber skies were clearing, Robert Jones gave us a not-so-friendly reminder: March 2025 had the highest volume of public ransomware cases of all time.

So much for your 7% victory dance.

Hackers are evolving. They don’t sleep, they don’t care about your work-from-home policies, and they definitely don’t take PTO. Meanwhile, your company’s biggest defense is probably Bob from Accounting, who still clicks every email that says “URGENT: INVOICE ATTACHED.”


Coalition’s Bottom Line: “We Got Your Back, Maybe”

To be fair, Coalition is doing some things right. They’re proactive. They send alerts. They’re probably the only ones actually reading your patch notes. But don’t mistake that for immunity.

Insurance is not a substitute for strategy.

Getting cyber insurance and then ignoring your risk is like buying flood insurance and building your beach house in a swamp. You might get reimbursed, but you’ll still be wet, miserable, and out of pocket.


So, What Now?

If you’re reading this thinking, “Great, I’ll just buy more insurance and let the robots handle it,” congratulations—you’re what cybercriminals call a repeat customer.

Here’s what active cyber risk management actually looks like:

  1. Patch your systems. Stop treating updates like optional colonoscopies.

  2. Train your people. They are both your greatest defense and your most enthusiastic liability.

  3. Segment your network. If ransomware gets in, don’t let it roam free like it's on a staycation.

  4. Multi-factor everything. It’s 2025. Your password alone is as trustworthy as a crypto bro's handshake.

  5. Backups. Offsite. Offline. Untouchable. Not in a random Dropbox folder named “final-final-really-final.”
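Step 5 only counts if you can prove the copy is intact before the day you need it. The script below is an added example (not from this blog or from Coalition): it builds a SHA-256 manifest of a backup directory and later re-checks the copy against that manifest, flagging files that were modified in place, deleted, or added. It assumes the manifest is kept on separate, write-once media, so whoever reaches the backup cannot also rewrite the manifest; the sample files and the "ransomware touched it" scenario in `demo()` are constructed for illustration.

```python
"""Verify an offline backup copy against a separately stored hash manifest.

Added example, not code from the blog or from Coalition. Assumption: the
manifest lives on write-once media kept apart from the backup itself.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Stream a file through SHA-256 so large backups don't need to fit in RAM."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(backup_root: Path) -> dict:
    """Map each file (relative POSIX path) to its digest and size."""
    manifest = {}
    for p in sorted(backup_root.rglob("*")):
        if p.is_file():
            rel = p.relative_to(backup_root).as_posix()
            manifest[rel] = {"sha256": sha256_file(p), "size": p.stat().st_size}
    return manifest


def save_manifest(manifest: dict, path: Path) -> None:
    path.write_text(json.dumps(manifest, indent=2, sort_keys=True))


def load_manifest(path: Path) -> dict:
    return json.loads(path.read_text())


def verify_backup(backup_root: Path, manifest: dict) -> dict:
    """Compare the backup on disk with the trusted manifest.

    Returns lists of relative paths under four keys:
      ok         - present and digest matches
      modified   - present but digest differs (e.g. encrypted in place)
      missing    - in the manifest but no longer on disk
      unexpected - on disk but not in the manifest
    """
    report = {"ok": [], "modified": [], "missing": [], "unexpected": []}
    current = build_manifest(backup_root)
    for rel, expected in manifest.items():
        actual = current.get(rel)
        if actual is None:
            report["missing"].append(rel)
        elif actual["sha256"] != expected["sha256"]:
            report["modified"].append(rel)
        else:
            report["ok"].append(rel)
    for rel in current:
        if rel not in manifest:
            report["unexpected"].append(rel)
    return report


def backup_is_trustworthy(report: dict) -> bool:
    """A backup you can lean on has nothing modified, missing, or unexpected."""
    return not (report["modified"] or report["missing"] or report["unexpected"])


def demo() -> dict:
    """Constructed scenario: three backed-up files, a manifest, then the copy
    is tampered with the way a reachable backup gets tampered with."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "backup"
        (root / "finance").mkdir(parents=True)
        (root / "finance" / "ledger.csv").write_bytes(b"date,amount\n2024-01-01,100\n")
        (root / "finance" / "payroll.csv").write_bytes(b"name,amount\nbob,1\n")
        (root / "README.txt").write_bytes(b"quarterly backup\n")

        # In practice this path is separate write-once media, not the same disk.
        manifest_path = Path(tmp) / "manifest.json"
        save_manifest(build_manifest(root), manifest_path)

        # Simulated damage: one file overwritten in place, one deleted, one added.
        (root / "finance" / "ledger.csv").write_bytes(b"\x00\x13garbage-not-a-ledger")
        (root / "README.txt").unlink()
        (root / "unexpected.txt").write_bytes(b"not part of the backup set\n")

        return verify_backup(root, load_manifest(manifest_path))


if __name__ == "__main__":
    result = demo()
    print(json.dumps(result, indent=2))
    print("trustworthy:", backup_is_trustworthy(result))
```

A matching manifest proves the bytes are what you wrote, not that the application can restore from them; schedule an actual test restore of the verified copy as the second half of the check.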


Final Snarky Thoughts

A 7% decrease in claims frequency is... fine. Not bad. Not revolutionary. It's the cybersecurity equivalent of losing three pounds after a year of jogging while still eating nachos in bed. Sure, we’re moving in the right direction. But the bar is so low we’re practically tripping over it.

And with ransomware already on a 2025 hot streak, we’re not out of the woods—we’ve just found a slightly wider trail through the swamp.

So, let’s stop pretending that insurance is magic and start treating cyber risk like what it actually is: a forever war fought one suspicious link at a time.

Good luck. And please, for the love of all things encrypted, stop reusing your dog's name as your password.


[Author’s Note]: If this blog made you chuckle and flinch at your lack of cyber prep, go buy your IT team lunch. They’re the only ones standing between your business and the ransomware apocalypse.
