Ransomware incidents are projected to surge globally, with publicly named victims expected to surpass 7,000 by 2026, up from 5,010 in 2024, according to QBE's latest cyber report, Cloud cover: forecasting digital disruption in a cybercrime climate, developed with Control Risks.
The findings highlighted the rising financial and operational risks facing insurers and policyholders alike, as cyber threats evolve alongside rapid adoption of cloud and artificial intelligence (AI) technologies.
Canada accounted for nearly 7% of the 447 major global cyber incidents over the past two years, while North America as a whole made up more than half. QBE noted that the shift toward cloud infrastructure and AI has heightened exposure to ransomware and data breaches, both key loss drivers in cyber insurance claims.
The report found that high-severity cloud alerts jumped 235% in 2024 compared with the previous year, and that nearly half of corporate data stored in the cloud is now considered sensitive.
For insurers, this trend signals growing aggregation risk. The concentration of valuable data across fewer cloud providers and software platforms increases the potential for systemic losses if a single vendor is compromised. QBE cited the 2023 breach at identity management provider Okta, which exposed 134 business clients and erased US$2 billion in market value, as an example of the cascading impact that third-party incidents can have on insured portfolios.
QBE observed that the cyber threat environment is becoming increasingly complex, with generative AI lowering the technical barriers for criminals and enabling faster, more precise attacks. Deepfakes were linked to nearly 10% of successful cyberattacks in 2024, with losses ranging from US$250,000 to US$20 million. Such developments, the insurer said, are expected to sustain demand for cyber coverage but also challenge underwriting models and risk appetite.
The insurer stressed that as exposures evolve, businesses and brokers need to reassess limits, exclusions, and third-party dependencies. Policies covering ransomware, data restoration, and business interruption are expected to see continued scrutiny, while underwriters refine pricing and coverage terms to reflect growing volatility.
"The risk landscape is shifting substantially as Canadian businesses expand their use of cloud infrastructure and AI tools," said Kyle Gray (pictured), technical underwriter team lead, cyber. "[I]t is vital to have a clear knowledge of your suppliers and remain aware of their vulnerabilities."
Peer insurers such as Beazley and AXA XL have made similar observations, noting that while cyber pricing has stabilized after several years of sharp increases, claims severity and frequency remain elevated. Insurers are also expanding their use of advanced analytics and scenario modelling to manage systemic risk across sectors such as manufacturing, professional services, and government administration — the top three targets for cyberattacks globally between 2023 and 2025.
QBE’s report further called on businesses to integrate cyber risk management into their operational planning, emphasizing that robust governance and insurance protection must go hand in hand. The insurer recommended stronger identity controls, encryption, and incident response testing — measures that not only reduce exposure but also demonstrate insurability in a tightening market.
According to QBE, maintaining resilience requires constant alignment between corporate security practices and insurer risk frameworks, as both sides prepare for an era of increasingly interconnected and data-dependent operations.
