KnowBe4: Cyber Insurance Claims Hit Record Levels

Share
Cyber attack costs have reached record levels, according to research from KnowBe4
Research from security awareness training provider KnowBe4 shows US$4.88m average breach cost as cyber insurers demand stronger security controls

The cyber insurance market is undergoing rapid transformation as insurers face mounting losses from digital attacks. As cyber criminals continue to exploit remote work practices and cloud adoption, providers are withdrawing coverage, raising premiums and demanding evidence of security controls before issuing policies to organisations.

As a result, today’s security insurers are requiring stricter controls and raising premiums as cyber attack costs reach record levels, according to research from KnowBe4, a security awareness training and simulated phishing platform provider serving more than 70,000 organisations worldwide.

Youtube Placeholder

The company’s latest report, titled ‘Cyber Insurance and Security: Meeting the Rising Threat’, highlights how organisations are strengthening defences through a combination of insurance coverage and security measures. Its findings reveal growing pressure on businesses to protect digital infrastructure as attackers target employees through social engineering techniques, including phishing emails and impersonation attacks.

KnowBe4’s research shows growing cost burden for SMEs

The average cost of a data breach reached US$4.88 million in 2024, with significant regional variations, according to IBM’s annual Cost of a Data Breach report. Small and medium-sized enterprises face lower average costs but experience more severe financial impacts from cyber incidents due to limited resources and recovery capabilities.

Insurance providers are implementing stricter requirements for cyber coverage, requiring organisations to demonstrate security controls before issuing policies. These controls include security awareness training programmes, which aim to reduce the likelihood of successful attacks through regular employee education and testing.

Key facts
  • Average data breach cost reaches US$4.88 million in 2024
  • Human factors contribute to 75% of data breaches
  • KnowBe4 platform serves more than 70,000 organisations worldwide

The research indicates that human factors contribute to 75% of data breaches. Social engineering and phishing attacks, where attackers manipulate employees into revealing sensitive information or credentials, remain primary attack vectors that organisations must defend against.

KnowBe4 platform develops AI-driven security response

The company has developed an AI-driven platform called HRM+ that creates adaptable defence mechanisms against emerging cyber threats. The system includes awareness and compliance training modules, cloud email security, real-time coaching, and crowdsourced anti-phishing tools.

The platform aims to transform employees from potential security vulnerabilities into active defenders of organisational assets through personalised cybersecurity training and protection tools.

Legal requirements drive US$4.88m average breach costs

The expansion of data privacy legislation has led to an increase in class action lawsuits, particularly in the United States. This trend is expected to spread to Europe as regulatory frameworks mature and citizens become more aware of their data privacy rights.

Stu Sjouwerman, CEO of KnowBe4

The costs of cyber attacks extend beyond immediate system disruptions to include legal fees, regulatory fines and reputational damage. The research indicates that cyber threats rank as the primary global business concern for organisations across all sectors.

“In today’s interconnected world, the complexity and frequency of cyber threats are intensifying at an unprecedented rate,” says Stu Sjouwerman, CEO of KnowBe4. “This latest research clearly indicates that organisations, regardless of size, must adopt a proactive and comprehensive approach to cybersecurity.”

Industry partnerships shape future of cyber defence

The report emphasises the relationship between security practices and insurance coverage. Insurers examine an organisation's security posture, including employee training programmes and incident response capabilities, when determining premiums and coverage limits.

The research advocates for strategic partnerships between businesses, insurers and cybersecurity experts to address emerging threats. This collaborative approach aims to combine technological defences with comprehensive insurance coverage and employee education.

In today's interconnected world, the complexity and frequency of cyber threats are intensifying at an unprecedented rate

Stu Sjouwerman, CEO, KnowBe4

The findings suggest that prevention and security culture development require equal attention alongside technical controls. Organisations must implement regular training programmes while maintaining comprehensive insurance coverage against potential breaches.

“Cybersecurity cannot remain an isolated IT function," Stu adds. “Instead, it must be embraced as a core component of organisational strategy, ensuring that technological risk management is backed by informed human defences and comprehensive risk management practices, including cyber insurance.”


Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today. 


Cyber Magazine is a BizClik brand

Share

Featured Articles

AWS and Exclusive Networks: enhancing cloud security

Exclusive Networks has signed two agreements with AWS that enhance its cloud capabilities and provide advanced cybersecurity solutions

Arctic Wolf Completes Acquisition of Blackberry's Cylance

Arctic Wolf will incorporate Blackberry's Cylance endpoint security assets into its Aurora platform, helping organisations reduce risk exposure

AI-Powered Fraud on the Rise for Financial Institutions

Data from AuthenticID has found a rise in deepfake-related fraud attempts and synthetic identity fraud for finance firms

Sophos: Gen AI Flaws Could Negatively Impact Cybersecurity

Technology & AI

Is the UK Government Ready to Face Severe Cyber Threats?

Cyber Security

What Does DeepSeek’s Cyber Attack Mean for Data Privacy?

Cyber Security