Cyber insurance claims surged by 40% over the past eighteen months, while ransomware payments have dropped by 44%, according to a new report from Cowbell Cyber. The three most common incident types were data breaches, cybercrime (including phishing and business email compromise), and extortion attacks (including ransomware).
“US cyber insurance premiums declined for the first time to $9.14B, while claims rose 40%, signaling increased loss activity despite reduced premium volume,” the report says. “This signals a more active risk environment, even as pricing adjusts. Ransomware remains a consistent part of that landscape, representing 19% of Cowbell claims between 2022 and 2025. At the same time, average ransom payments have decreased by approximately 44%, reflecting stronger negotiation strategies and more effective claims handling.”
Social engineering remains the most effective initial access vector, with AI tools amplifying the potency of these threats.
“Human error and manipulations prevail as the most common entry point for threat actors,” the report says. “Based on 2025 APWG data identifying approximately 3.8 million phishing attacks globally, phishing and spoofing remain the most prevalent cyber threats, underscoring the need for strong employee awareness, email security, and proactive threat detection as critical first lines of defense. Often delivered at scale and designed to appear credible, threat actors continue to refine these scam tactics using AI, making messages more convincing and harder to detect.”
The researchers add, “Variants of phishing, like smishing (text messages) or vishing (phone calls), expand these risks across channels. These tactics are designed to exploit trust and create a sense of urgency to bypass security protocols. Practical defenses like multi-factor authentication (MFA), employee training, and rapid response remain some of the most effective ways to reduce exposure.”
Risk & Insurance has the story: “Ransom Payments Drop 44% Even as Cyber Claims Surge, Cowbell Reports”
