Cybersecurity budgets may need adjusting

Recent research suggests CFOs approved larger cybersecurity budgets this year. But to address changing criminal tactics, organizations must shift where those investment dollars are going, a cyber insurance company advised.

The World Economic Forum, in a recent report, noted that “strengthening collective cyber resilience has become both an economic and a societal imperative.” The WEF found that AI technology and geopolitics are key drivers of organizations’ cybersecurity concerns.

Nearly two-thirds of organizations plan to increase their cybersecurity investments this year, according to a global survey of 2,200 cyber risk leaders from insurance broker Marsh. Respondents’ top investment priorities included cybersecurity technology and mitigation, incident planning and preparation, cybersecurity personnel, staff training, and cyber insurance.

In a recent cyber risks report, cyber insurance and risk management firm Resilience noted a “fundamental shift in criminal economics” in 2025, in which extortionists shifted their tactics from “extortion through operational disruption (encryption) to reputational leverage (data theft).”

Consequently, the risk calculus shifts from immediate disruption to long-term consequences: “the multi-year legal, regulatory, and reputational ‘tail’ that follows a data exposure event,” according to the report. For instance, South Korean e-commerce company Coupang faces a class-action lawsuit following a November data breach that affected 34 million customers, Reuters reported.

Resilience recommended CFOs “shift investment from backup to prevention,” since extortion attacks “require different defenses” than attacks focused on encrypting data.

Marsh, meanwhile, recommended “focusing investments on cybersecurity fundamentals,” such as endpoint detection and response. Such investments “may be critical,” according to Marsh, because they’re “correlated highly with a reduction in the likelihood of cyber incidents.”

Some good news: One optimistic tidbit is that insurance claims stemming from cyber incidents fell on an annual basis last year.

In another report, Marsh noted a decrease of 29% YoY in cyber claims from US and Canadian businesses in 2025, as well as a 33% decrease in cyber extortion events, which the broker said was partly due to “improved organizational cybersecurity awareness and controls.” However, claims activity picked up in the latter part of 2025 on a quarter over quarter basis.