Executive Summary based on the Coalition 2026 Cyber Claims Report
The Cyber Protection Paradox
Despite record cybersecurity investment, businesses face higher incident likelihood due to fragmented tools and complexity rather than under‑investment.
Claims Trends
Incident frequency rose in 2025, but average loss severity fell significantly due to improved containment and recovery.
Email‑Based Attacks
Business Email Compromise and Funds Transfer Fraud accounted for 58% of all claims, remaining the dominant gateway risks.
Funds Transfer Fraud
Most FTF losses stemmed from social engineering. Rapid reporting materially improved fund recovery outcomes.
Ransomware
Ransom demands increased sharply, but most organisations refused to pay. Dual extortion is now the dominant model.
Initial Access
Attackers primarily exploited VPNs, perimeter devices and stolen credentials.
Operational & Third‑Party Losses
Internal errors and third‑party failures continued to cause material disruption.
Legal & Privacy Exposure
Third‑party claims increasingly relate to data protection and web‑tracking practices.
Industry & Size Insights
Risk varies by sector and revenue size, with no organisation immune.
Active Insurance
Integrated prevention, response, cover and security controls materially reduce losses.
