A recent report by UK backup solutions provider Databarracks highlights a notable trend in the cyber insurance industry, revealing that while more organizations are acquiring cyber insurance, the number of claims filed has significantly decreased. The 2024 Data Health Check report indicates that 66% of UK organizations now have cyber insurance, a substantial increase from 51% in 2022 and 57% in 2023. Despite this growing adoption, the percentage of organizations making claims plummeted from 58% in 2022 to just 36% in 2024, suggesting a shift in how organizations are responding to cyber incidents.
In addition to the decline in claims, the financial compensation sought by organizations has also seen a sharp reduction. Claims exceeding £1 million ($1.3 million) dropped dramatically from 48% in 2022 to only 16% in 2024. This downturn in claims and compensation comes despite cyber incidents remaining the leading cause of IT downtime, accounting for 24% of such incidents, and data loss at 46%. The report underscores that while the threats from cyber incidents persist, organizations are increasingly better prepared to manage these challenges.
The Databarracks report also emphasizes a broader adoption of business continuity plans among organizations. In 2024, 82% of organizations indicated that they have a business continuity plan in place, a notable increase from 73% in the previous year, with 57% stating that their plans are current. Additionally, three-quarters of organizations reported having physical, logical, or combined solutions for air-gapping their backups. This proactive approach has proven effective, as 54% of organizations were able to recover their systems from backups during ransomware attacks, negating the need for ransom payments.
James Watts, managing director at Databarracks, attributes the decline in claims to organizations’ increased preparedness and changes in cyber insurance policies that have raised the bar for obtaining coverage. The report highlights that stricter insurance requirements and rising costs have compelled organizations to bolster their cyber defenses rather than relying on insurance as a fallback. Watts asserts that well-structured cyber insurance policies do not incentivize ransom payments but rather encourage organizations to strengthen their security measures, marking a positive shift in the industry’s response to the growing threat of ransomware.
Reference:
