Cyber in Focus 2025 highlights: Incidents Cost Companies US$2.4M on Average

Cyber in Focus 2025 highlights how cyber risk has become one of the most costly and disruptive threats for businesses worldwide, with incidents generating significant financial losses and prolonged operational disruptions.

The growing financial and operational impact of cyber incidents

According to the report Cyber in Focus 2025: Bridging the Gap Between Perception and Reality, developed by WTW, a single cyber incident can result in average losses of $2.4 million and cause operational disruptions lasting up to 24 days.

The study is based on the analysis of more than 4,650 cyber insurance claims across over 90 countries, combined with insights from WTW’s Global Directors and Officers Survey. This dual approach allows for a comparison between how boards perceive cyber risk and what actually happens when incidents occur.

A gap between perception and real exposure

One of the report’s key findings is the disconnect between perceived preparedness and actual outcomes. While many organizations believe they have strong cybersecurity strategies in place, real-world incidents continue to generate substantial impact.

The data shows that insurers have paid more than US$655 million in cyber-related claims, with ransomware cases averaging US$2.7 million per claim. The largest single incident analyzed in the report exceeded US$331 million, underscoring the scale such events can reach.

Third-party risks and rising incident rates

The report also points to emerging sources of exposure. Notably, 50% of data breaches originate from third parties or suppliers, reflecting the increasing interdependence within digital supply chains.

At the same time, cyber incident reports surged by 43% in 2024, confirming the rapid expansion of cyber risk globally.

Despite the growing threat landscape, cyber insurance is covering a significant portion of reported events. According to the study, 92% of incident notifications fell within policy coverage, provided that terms and notification processes were clearly defined.

Latin America faces faster-growing risks

The report warns that in regions such as Latin America, cyber risk is evolving faster than board-level oversight. This trend is being driven by ransomware attacks, third-party vulnerabilities, and companies that have not adequately tested their incident response plans.

“Many organizations express confidence in their preparedness, but the analyzed cases show that response plans are rarely tested in real scenarios, which can increase both the duration of disruptions and the financial impact,” said Rodrigo Flores, Regional Cyber Manager Latin America at WTW.

Closing the gap between readiness and reality

WTW emphasizes that bridging the gap between perceived readiness and actual preparedness will be critical for organizations aiming to effectively manage cyber risk.

As cyber threats continue to scale in complexity and frequency, companies will need to align strategy, execution, and testing to reduce exposure and improve resilience.