Majority of cyber claims come from three areas: Cowbell

The majority of cyber claims are most related to data breaches, cybercrime and extortion events, according to the 2026 Claims Report from Cowbell.

The report analyzes 18 months of incident data to reveal insights. It identifies emerging trends including smaller threat groups rising and an increase in AI-enhanced phone impersonation.

"What stands out the most is the disconnect between the frequency of cyber attacks and the severity of ransom payments, ransomware incidents aren't declining, but payments are," Lili Knushaj, director of claims at Cowbell, told Digital Insurance via email. "That suggests organizations are getting better backup strategies and stronger incident response."

Business Email Compromise remains one of the most financially damaging cyber crimes, as of early 2026. The report suggests that organizations continue to underinvest in employee training and multi-factor authentication. 

The average ransom payments decreased by about 44% but ransomware attacks rose 45% in 2025, according to the data. Ransomware remains a consistent part of risks, representing 19% of Cowbell claims between 2022 and 2025. The report suggests that incidents are evolving from encryption to "double extortion" and "data only" schemes that threaten to leak sensitive information.