SMEs must not ignore big name cyber attacks

October 21, 2025

Insurance rates for cyber cover are significantly down on last year, squeezed by competition and new providers in a growing area. Yet, despite a number of high profile attacks on companies, SMEs in particular are still slow to recognise the value of protection against digital crime.

Marks & Spencer, Jaguar Land Rover (JLR), the Co-op and Harrods have been among the big name victims of cyber crime in 2025. In JLR’s case, the cost could run into billions of pounds when full disruption and downstream supply chain impacts are included. Against this background, insurance broking giant Lockton says Q2 cyber premiums were down 12% year-on-year across its portfolio. Rival Aon calculates a roughly similar 11% for the same period.

There may still be a buying opportunity for those without cover, since the threat of cyber-attacks is far from receding. The National Cyber Security Centre (NCSC) reports that in the 12 months to August 2025 the UK dealt with 429 cyber incidents, of which 204 were “nationally significant”, up from 89 in the previous year. Research from BT and its partners says the average cost of a cyber-attack to an SME in 2025 is £7,960. In addition, 85% of businesses that experienced cyber security breaches or attacks faced phishing attempts.

Desperate times inevitably lead to desperate behaviours in business, not only from seasoned criminals sensing an opportunity in economic turbulence, but also from newcomers to white collar crime who have no other means of accessing large funds quickly. In an increasingly digital world, the threat from external fraudsters to all sizes of businesses has never been greater – and this has been amplified by home working and disjointed office environments since the pandemic: it is increasingly common for frauds to be committed by employees – present or former – with technological help from outsiders.

In ransomware attacks, criminals are not only asking for a ransom to be paid but potentially then stealing and releasing hacked data – an entirely new sector of cyber ransom negotiators is developing. The large-scale exploitation of software vulnerabilities, such as in a VPN or firewall, is arguably the most obvious factor accelerating ransomware attacks in 2025. Several ‘cracks’ discovered in widely used platforms have contributed to rising attack figures.

Investment by enterprises, even at the lower end of the SME band, has been heavy, although it has been hard to sustain amid recent economic pressures on day-to-day revenues. Companies cutting cybersecurity investment and insurance – tempting when reviewing heavy areas of spending – do so at their peril. Like marketing spend, the value isn’t always immediately visible. Before wielding the axe, managers should consider their business’s dependency on its digital infrastructure.

Business owners in a position to invest and explore the potential for cost-effective digitisation must consider ransomware very seriously. Those handling third-party data risk serious reputational damage, with customers happy to move to companies which they believe are better able to handle their information in a safe and secure way.

Written by Bea Vakharia, analyst at Buchler Phillips, a UK based independent boutique firm with an impeccable Mayfair heritage, specialising in corporate recovery, turnaround, restructuring and insolvency.