VendorsAXA XL
AXA XL
Cybersecurity reports and statistics published by AXA XL
8 categories1 reports
Research Reports
Reports and publications from AXA XL
Recent Statistics & Reports
Companies with revenues between $500M and $750M had an average relative frequency of large claims on primary policies of 1.40.
9/9/2025•
Cyber insuranceCyber claims
2021: 29.7% of large losses came from other causes, 23.7% from data breaches, and 46.6% from ransomware. Ransomware overtook all other causes and drove nearly half of the biggest cyber claims.
9/9/2025•
Cyber insuranceCyber claimsData breach
Businesses typically required around two full months to restore operations following a ransomware attack.
9/9/2025•
Cyber insuranceCyber claimsRansomware
In 14.3% of cases prior to 2019, the source of detection was miscellaneous or unknown.
9/9/2025•
Cyber insuranceCyber claimsData breach
In 2021, organizations took an average of 77 days to restore operations after a ransomware attack.
9/9/2025•
Cyber insuranceCyber claimsRansomware
Ransomware claims accounted for 54.3% of cyber claims in the sample for the period of 2019 and onwards.
9/9/2025•
Cyber insuranceCyber claimsRansomware
The average duration business operations were affected by ransomware in health care was 70 days.
9/9/2025•
Cyber insuranceCyber claimsRansomware
88% of all incurred losses from AXA XL cyber claims over the last decade arise from claims that surpass $1 million, suggesting that a relatively small number of large claims are responsible for the majority of cyber losses.
9/9/2025•
Cyber insuranceCyber claims
2023: 24.0% of large losses came from other causes, 13.3% from data breaches, and 62.8% from ransomware. Ransomware reached a record high, driving almost two-thirds of the largest cyber insurance payouts.
9/9/2025•
Cyber insuranceCyber claimsData breach
In 2021, victims paid on average 33.9% of the initial ransom demand.
9/9/2025•
Cyber insuranceCyber claimsRansomware
Data breach response / crisis management was triggered as the main driver of loss in 24.5% of claims (primary 23.6%, excess 26.7%), triggered with some loss impact in 27.5%, triggered with no loss impact known in 3.6%, and not triggered in 44.4%.
9/9/2025•
Cyber insuranceCyber claimsData breach response
In 16% of large ransomware claims, attackers leveraged compromised or weak credentials to gain entry.
9/9/2025•
Cyber insuranceCyber claimsRansomware
In 2023, only 11.1% of backups were affected by ransomware.
9/9/2025•
Cyber insuranceCyber claimsRansomware
Across all data breach cases combined, the average time to notice an attacker was 90 days prior 2019.
9/9/2025•
Cyber insuranceCyber claimsBreach discovery
Privacy & cyber security was triggered as the main driver of loss in 13.2% of claims (primary 9.4%, excess 22.2%), triggered with some loss impact in 14.6%, triggered with no loss impact known in 3.3%, and not triggered in 68.9%.
9/9/2025•
Cyber insuranceCyber claimsExtortion
37.2% of large losses came from other causes, 16.0% from data breaches, and 46.6% from ransomware. While other causes ticked up, ransomware continued to generate nearly half of the most expensive claims.
9/9/2025•
Cyber insuranceCyber claimsData breach
Average initial ransom demand (based on all cases with ransom demand) in 2020: $11.25 million.
9/9/2025•
Cyber insuranceCyber claimsRansomware
In 2022, organizations took an average of 43 days to restore operations after a ransomware attack.
9/9/2025•
Cyber insuranceCyber claimsRansomware
In 2023, 88.9% of backups were not affected by ransomware.
9/9/2025•
Cyber insuranceCyber claimsRansomware
For data breach cases where the attacker was detected by internal IT staff or an outsourced cybersecurity provider (OCP), it took an average of 61 days to notice the attacker prior 2019.
9/9/2025•
Cyber insuranceCyber claimsBreach discovery
Showing 21-40 of 80 results