As of January 2024, around 58 percent of large companies in the United Kingdom (UK) had experienced cybercrime within the past year. Medium businesses ranked second, with 45 percent of companies experiencing cybercrime. Overall, about 22 percent of UK businesses stated having experienced any form of cybercrime in the preceding year.

Annual data on the nature of fraud and computer misuse offences. Data for the year ending March 2021 and March 2022 are from the Telephone-operated Crime Survey for England and Wales (TCSEW).

The number of cyber-dependent crime incidents in the United Kingdom (UK) has increased between the fourth quarter of 2022 and the second quarter of 2023. In the most recently measured period, 8,106 such incidents were reported in the market, up from 6,030 cases in the fourth quarter of 2022.

Between the fourth quarter of 2022 and the second quarter of 2023, the monetary losses caused by cyber-dependent crime in the United Kingdom (UK) fluctuated. In the first quarter of 2023, the loss amount was 1.8 million GBP, up from 1.3 million GBP in the fourth quarter of 2022. In the second quarter of 2023, the amount of losses due to cybercrime incidents decreased again, totaling 1.1 million GBP.

Crime Survey for England and Wales (CSEW) and Home Office police recorded crime data, by quarterly time periods.

As of January 2024, around nine in ten businesses in the United Kingdom (UK) stated having experienced a phishing attack in the past year. A further 10 percent said they had experienced hacking incidents. Additionally, around two percent reported experiencing viruses, spyware, or malware attacks.

Cybercrime costs in the United Kingdom (UK) reached an estimated 51.81 billion U.S. dollars in 2024. Between 2017 and 2024, this figure has seen a significant increase. According to the latest estimates, this dynamic will continue in upcoming years, reaching approximately 98 billion U.S. dollars in cybercrime costs by 2028.

In the second quarter of 2023, 30862 consumer fraud cases were reported in the United Kingdom, making it the type of fraud with the highest number of reports. Advance fee ranked second, with 9872 reports. Cyber dependent crime, which indicates different forms of hacking and cybercrime, followed with over 8100 reported cases.

As of January 2024, around 50 percent of businesses in the United Kingdom (UK) encountered disruptive cybersecurity breaches or cyberattacks in the last 12 months. This is a notable increase since 2022, when the figure stood at only 39 percent.

Abstract copyright UK Data Service and data collection copyright owner.

The Crime Survey for England and Wales (CSEW) asks a sole adult in a random sample of households about their, or their household's, experience of crime victimisation in the previous 12 months. These are recorded in the victim form data file (VF). A wide range of questions are then asked, covering demographics and crime-related subjects such as attitudes to the police and the criminal justice system (CJS). These variables are contained within the non-victim form (NVF) data file. In 2009, the survey was extended to children aged 10-15 years old; one resident of that age range was also selected from the household and asked about their experience of crime and other related topics. The first set of children's data covered January-December 2009 and is held separately under SN 6601. From 2009-2010, the children's data cover the same period as the adult data and are included with the main study.

The Telephone-operated Crime Survey for England and Wales (TCSEW) became operational on 20 May 2020. It was a replacement for the face-to-face CSEW, which was suspended on 17 March 2020 because of the coronavirus (COVID-19) pandemic. It was set up with the intention of measuring the level of crime during the pandemic. As the pandemic continued throughout the 2020/21 survey year, questions have been raised as to whether the year ending March 2021 TCSEW is comparable with estimates produced in earlier years by the face-to-face CSEW. The ONS Comparability between the Telephone-operated Crime Survey for England and Wales and the face-to-face Crime Survey for England and Wales report explores those factors that may have a bearing on the comparability of estimates between the TCSEW and the former CSEW. These include survey design, sample design, questionnaire changes and modal changes.

More general information about the CSEW may be found on the ONS Crime Survey for England and Wales web page and for the previous BCS, from the GOV.UK BCS Methodology web page.

History - the British Crime Survey

The CSEW was formerly known as the British Crime Survey (BCS), and has been in existence since 1981. The 1982 and 1988 BCS waves were also conducted in Scotland (data held separately under SNs 4368 and 4599). Since 1993, separate Scottish Crime and Justice Surveys have been conducted. Up to 2001, the BCS was conducted biennially. From April 2001, the Office for National Statistics took over the survey and it became the CSEW. Interviewing was then carried out continually and reported on in financial year cycles. The crime reference period was altered to accommodate this.

Secure Access CSEW data
In addition to the main survey, a series of questions covering drinking behaviour, drug use, self-offending, gangs and personal security, and intimate personal violence (IPV) (including stalking and sexual victimisation) are asked of adults via a laptop-based self-completion module (questions may vary over the years). Children aged 10-15 years also complete a separate self-completion questionnaire. The questionnaires are included in the main documentation, but the data are only available under Secure Access conditions (see SN 7280), not with the main study. In addition, from 2011 onwards, lower-level geographic variables are also available under Secure Access conditions (see SN 7311).

New methodology for capping the number of incidents from 2017-18
The CSEW datasets available from 2017-18 onwards are based on a new methodology of capping the number of incidents at the 98th percentile. Incidence variables names have remained consistent with previously supplied data but due to the fact they are based on the new 98th percentile cap, and old datasets are not, comparability has been lost with years prior to 2012-2013. More information can be found in the 2017-18 User Guide (see SN 8464) and the article ‘Improving victimisation estimates derived from the Crime Survey for England and Wales’.

Fraud and Cyber Crime Module
The Office for National Statistics have recently completed a substantial project to develop new questions on fraud (both online and offline) and other types of cyber crime for inclusion in the Crime Survey for England and Wales (CSEW).

The project involved the development, cognitive testing and piloting of a number of screener questions designed to identify who had experienced different types of fraud and cyber crime. The final screener questions were incorporated into the live survey in April 2015 and are now being asked of half the sample of survey respondents. New victimisation module questions have also been developed to capture more detailed information about the offence and to allow accurate coding of the offences recorded. These were introduced into the live survey from October 2015, following testing in a large-scale field trial which took...

Estimates from Crime Survey for England and Wales (CSEW) on fraud and computer misuse. Also data from Home Office police recorded crime on the number of online offences recorded by the police and Action Fraud figures broken down by police force area.

These tables were formerly known as Experimental tables.

Please note: This set of tables are no longer produced. All content previously released within these tables has, or will be, redistributed among other sets of tables.

This supplementary volume explores topics from the 2010/11 British Crime Survey and provides analysis of the extent of and perceptions towards hate crime, use of the internet and cyber security and experimental statistics on the experience of crime among children aged 10 to 15.

Snapshot img

Cyber Insurance Market Size 2025-2029

The cyber insurance market size is forecast to increase by USD 13.29 billion at a CAGR of 23.2% between 2024 and 2029.

The market is experiencing significant growth driven by the increasing adoption of technology and the resulting heightened risk of cyber attacks. According to recent estimates, the global cybercrime damages are projected to reach USD6 trillion annually by 2021, underscoring the urgent need for cybersecurity measures and insurance coverage. This trend is particularly prominent in regions with advanced digital economies, such as North America and Europe. However, the market's growth trajectory is not without challenges. One of the most pressing issues is the lack of standardization in cyber insurance policies, which can make it difficult for businesses to compare offerings and choose the most appropriate coverage. Additionally, the rapidly evolving threat landscape and the increasing sophistication of cybercriminals necessitate continuous innovation and adaptation from insurers to stay competitive. Companies seeking to capitalize on market opportunities and navigate these challenges effectively should prioritize building strong partnerships with technology providers, investing in advanced threat intelligence and analytics, and offering flexible and customizable policies that cater to the unique needs of their clients. By staying agile and responsive to market demands, cyber insurance providers can differentiate themselves and seize the significant growth potential in this dynamic market.

What will be the Size of the Cyber Insurance Market during the forecast period?

Request Free SampleThe market continues to experience significant growth as businesses increasingly recognize the need to mitigate risks associated with cyber threats. According to recent industry reports, The market is projected to reach substantial size by 2026, driven by the increasing adoption of cloud computing, Internet of Things (IoT), and remote working. Cyber criminals continue to target organizations through various means, including data breaches, internet-based attacks, and IoT malware. Consequently, there is a growing demand for cyber insurance policies that provide coverage against financial losses resulting from these threats. Large enterprises are leading the charge in purchasing cyber insurance, recognizing the potential financial and reputational damage that can result from a cyber attack. IT infrastructure and information policies are critical components of cybersecurity, and cyber insurance can help organizations manage risks in these areas. Virtual private networks (VPNs) and other security measures are also important considerations for businesses seeking to protect their digital assets. Cybersecurity ventures and technology companies, such as SonicWall Cyber Threat Intelligence and SonicWall Capture Labs, play a crucial role in identifying and mitigating cyber threats. Information governance and cybersecurity best practices are essential for businesses to effectively manage their cyber risk and reduce the likelihood of a breach. Overall, the market is expected to remain a dynamic and evolving sector as businesses continue to grapple with the complexities of cybersecurity in an increasingly interconnected world.

How is this Cyber Insurance Industry segmented?

The cyber insurance industry research report provides comprehensive data (region-wise segment analysis), with forecasts and estimates in 'USD million' for the period 2025-2029, as well as historical data from 2019-2023 for the following segments. TypeLarge enterprisesSmall and medium-sized enterprisesSolutionStandalonePackagedGeographyNorth AmericaUSCanadaEuropeFranceGermanyItalyUKAPACChinaIndiaJapanSouth AmericaBrazilMiddle East and Africa

By Type Insights

The large enterprises segment is estimated to witness significant growth during the forecast period.Large enterprises are increasingly vulnerable to cyber threats due to their size, complex IT infrastructure, and valuable data. Cyber insurance has emerged as a crucial risk management tool for these organizations, providing financial protection against data breaches, ransomware attacks, phishing scams, and other cyber incidents. According to Munich Re experts, The market is expected to reach USD20.4 billion by 2027, driven by the growing number of cyber threats and the increasing awareness of the need for risk mitigation. Cyber criminals continue to target large enterprises, exploiting vulnerabilities in cloud computing, Internet of Things (IoT), and Operational Technology (OT) systems. In 2023, SonicWall Cyber Threat Report identified over 10 million IoT malware attacks and 1.5 billion phishing attacks. Cyber ILS, a cyber catastrophe bond, and crypto insurance services have gained popularity as additional layers of protection against cyber risks. Large enterprises are investing in AI-

As of January 2025, the most significant data breach incident in the United Kingdom (UK) was the 2017-2018 Dixons Carphone breach. As a result of this incident, 14 million user records were affected, and 5.6 million payment card information was exposed. The Equifax data breach between 2011 and 2016 impacted over 15 million customers nationwide.

Abstract copyright UK Data Service and data collection copyright owner.

The Scottish Crime and Justice Survey (SCJS) is a social survey which asks people about their experiences and perceptions of crime in Scotland. The survey is an important resource for both the government and public of Scotland. Respondents are selected at random from the Postal Address File and participation in the survey is entirely voluntary. The main aims of the SCJS are to:

• provide reliable statistics on people's experience of crime in Scotland, including services provided to victims of crime
• assess the varying risk of crime for different groups of people in the population
• examine trends in the level and nature of crime in Scotland over time
• collect information about people's experiences of, and attitudes on a range of crime and justice related issues

An important role of the SCJS is to provide an alternative and complementary measure of crime to police recorded crime statistics. For further details of the scope and methodology of the SCJS, please see documentation. Information about the survey and links to publications may be found on the Scottish Government's Scottish Crime and Justice Survey webpages.

Background and history of the SCJS
Previous surveys of victimisation in Scotland began with the Scottish components of the 1982 and 1988 sweeps of the British Crime Survey (BCS) (held at the Archive under SNs 4368 and 4599) The Scottish element of the 1988 BCS was also known as the Scottish Areas Crime Survey and coverage was limited in those early surveys to the areas south of the Caledonian Canal. From 2012, the BCS has been renamed the Crime Survey for England and Wales (CSEW) (held under GN 33174).

The first independent Scotland-only crime survey was commissioned by the Scottish Office in 1993 under the title of the Scottish Crime Survey (SCS) and was followed by repeated sweeps in 1996 (both years held together under SN 3813), and again in 2000 (SN 4542) and 2003 (SN 5756). In 2004 the survey underwent both a name change, to the Scottish Crime and Victimisation Survey (SCVS) (SN 5757), and a major methodological change, with a move away from in-home face-to-face interviewing to telephone interviewing. However, the 2006 SCVS (SN 5784) returned to face-to-face interviewing after it was shown that the robustness of the data produced by the 2004 telephone survey could not be substantiated. From 2008-2009, the series name was changed to the present title, the Scottish Crime and Justice Survey, and it moved to a repeated annual cross-sectional schedule based on financial year. From 2012-13 the SCJS moved from annual to biennial survey covering the financial year however, the 2014-15 survey was the last biennial survey and currently the SCJS is conducted on an annual basis. See the documentation for further details.

Special Licence data
From 2012-13 only the Main Questionnaire data are available under standard End User Licence (EUL) agreement. The Victim Form and Self-Completion data are available under Special Licence (SL). The SL data have more restrictive access conditions than those made available under the standard EUL. Prospective users of the SL version will need to complete an extra application form and demonstrate to the data owners exactly why they need access to the additional variables in order to get permission to use that version.

The Scottish Crime and Justice Survey, 2018-2019 contains data from the Main Questionnaire only and is based on around 5,500 face-to-face interviews with adults (aged 16 or over) living in private households in Scotland.

Main Topics:

The main questionnaire covered demographic details, perceptions of crime, justice system, policing, local community, sentencing, civil law, Crown Office and Procurator Fiscal Service (COPFS) and harassment as well as the victim form screener. It also includes experience of cyber crime (new for the 2018-19 survey).

Data from the victim form is available under SN 8796, and is subject to restrictive Special Licence Access conditions.

Stalking experienced by women and men, including numbers, type and personal characteristics, based upon annual findings from the Crime Survey for England and Wales.

A survey ending February 2023 among professionals responsible for their company's cyber security strategy in the United States and Europe found that Germany saw the highest rate of cyber attacks among the examined countries. French companies ranked second by the share of reported cyber attacks, 53 percent. Companies from the United Kingdom (UK) and Belgium reported the lowest share of cyber attacks among the listed countries, with 48 percent and 46 percent.

Data from the Crime Survey for England and Wales (CSEW) and the National Fraud Intelligence Bureau (NFIB), including numbers of incidents and characteristics of victims.

During the fourth quarter of 2024, data breaches exposed more than a million user data records in the United Kingdom (UK). The figure decreased significantly from nearly 41 million in the quarter prior. Overall, the time between the first quarter of 2022 and the fourth quarter of 2023, saw the lowest number of exposed user data accounts.