Business interruption is the main driver of cyber claim costs, while ransoms are paid to criminals in only 10%-15% of cases, Emergence Insurance says.

The median claim cost at Emergence last year was $36,000, up from $31,000 in 2023.

“The cost associated with ransomware claims is largely being driven by a company’s inability to generate revenue during and after an attack,” the cyber underwriting agency said. “Emergence has seen full-limit loss claims in the past two years from significant business interruption losses.

“So the limits of cyber insurance purchased by SMEs is becoming more critical.”

Ransomware incident costs averaged $207,600 last year, almost doubling in three years as incident severity increased.  

The average cost of $81,000 for claims from last year that have been finalised is down from Emergence’s high of $164,000 in 2023, but some business interruption losses are yet to be closed. 

CEO Troy Filipcevic says recovering from cybercrime can cost millions of dollars. 

“SMEs are particularly vulnerable – cyber insurance can be the difference between surviving an attack or going bust. Immediate and effective incident response is crucial to mitigating the impact,” he said.

“With the severity of claims increasing and more and more businesses targeted, it’s concerning.”

Ransomware accounted for 62% of all Emergence claim costs last year, and the agency says 2025 is shaping as another significant period: the median cost of cyber extortion claims is presently up more than 10% on last year.

Business email compromise – in which threat actors use fake correspondence to gain account login details – accounted for almost half of claims last year.

Socially engineered theft – which can involve human error such as not calling a vendor after receiving a fraudulent change of bank account details – made up 16%.

“Many employees are still unaware of how their inadvertent acts can result in a serious cyber incident,” Emergence head of claims and incident response Blake Baxter said. “We see business email compromises all the time.”

Insider and privilege misuse accounted for 6% of claims. “Rogue employees and business partners are a difficult threat to guard against,” Emergence said.

Healthcare and professional services are the most cybercrime-targeted industries due to their sensitive data and frequent financial transactions. Manufacturing ranks third.  

Find Emergence’s cyber claims report here.