Cyber insurance claim severity dropped by more than 50% in the first half of 2025, according to Allianz Commercial’s Cyber Security Resilience 2025 report. That sounds like great news — until you dig deeper.

While large corporations are becoming harder to penetrate, attackers are pivoting toward smaller, less-protected firms — including professional services, tech startups, and manufacturers. In short: the battlefield has moved downstream.

The Shift: From Big Game Hunting to Small Business Targets

A few years ago, ransomware gangs chased multi-million-dollar payouts from global enterprises. Now, with those firms investing heavily in detection, response, and network segmentation, hackers are changing tactics.

Instead of targeting fortified enterprises, they’re going after smaller organizations with weaker defenses, faster paydays, and sensitive client data.

• 88% of data breaches at SMEs in 2025 involved ransomware — compared to just 39% among large corporations.
• Data theft (not encryption) is now the goal in 40% of large cyber claims — up from 25% in 2024.
• Supply chain compromises caused 15% of large claim losses, more than doubling from the previous year.

Even more concerning: cloud intrusions surged 136%, as attackers exploit the same tools businesses rely on to stay connected.

Why Professional Services and Tech Firms Are in the Crosshairs

Professional service firms — law, accounting, marketing, and consulting — are increasingly being viewed as soft targets with high-value data.

These firms store client records, financial details, and intellectual property — a gold mine for threat actors seeking ransom leverage.

Meanwhile, human error remains the weak link. Nearly 60% of breaches stem from employee mistakes or manipulation. Social engineering and AI-generated phishing are driving credential theft.

It’s not just data loss anymore. Privacy-related litigation is exploding. There were 1,500 data privacy lawsuits filed in the U.S. last year alone.

The Silver Lining: Prevention Is Paying Off

Allianz’s data shows insured companies’ proactive measures are working:

• Basic controls like patching, MFA, and network segmentation prevented many incidents entirely.
• Firms with active detection and response systems saw claims costs reduced by as much as 1,000x.
• Insured cyber losses rose only 70% over four years. This increase is small compared to a 250% rise in total global cybercrime costs.

In other words, insurance and prevention together create resilience.

What This Means for Your Business

If you’re a small or mid-sized business, the takeaway is clear: You are now the primary target.

Even if your company isn’t “big enough to hack,” your data — client files, contracts, or employee records — is.

Cyber insurance is no longer just a risk transfer tool; it’s a business continuity lifeline. Policies today not only pay for forensic recovery, legal defense, and ransom negotiation — they often include 24/7 access to cyber response teams that can contain incidents before they spiral.

Action Steps: Building Resilience in 2025 and Beyond

1. Review your security controls: Enable multi-factor authentication across all systems and vendors.
2. Train your employees: Human error drives most breaches. Ongoing awareness training matters.
3. Map your vendor dependencies: Supply chain attacks are rising fast.
4. Pair insurance with prevention: Use your policy benefits — hotlines, breach coaches, and vendor response partners — before you need them.
5. Reevaluate your limits: Cyber claim severity may be down, but costs like regulatory fines and lawsuits are rising sharply.

Final Thought

The Allianz report confirms what many of us in the insurance industry have seen firsthand. The cyber threat landscape isn’t shrinking. It’s shifting.

For businesses that rely on client trust and data integrity, cyber insurance isn’t optional. It’s essential.

Because in 2025, the question isn’t if your systems will be tested — it’s how prepared you are when they are.

-JK