A new report by global insurer Hiscox has laid bare the staggering financial and operational toll ransomware is taking on businesses of all sizes. From high-profile brands like Jaguar Land Rover (JLR) and Marks & Spencer (M&S) to thousands of small and medium-sized enterprises (SMEs), ransomware attacks have evolved into a systemic risk that no organisation can afford to ignore.
Based on a survey of 5,750 SMEs, the 2025 Cyber Readiness Report reveals that 27% of businesses faced a ransomware attack in the past year. Alarmingly, 80% of those targeted paid the ransom, but only 60% successfully recovered their data — and nearly a third were hit with follow-up extortion demands.
JLR and M&S Among the Hardest Hit
The report highlights several high-profile incidents, including JLR’s month-long production shutdown due to a cyberattack. The disruption led the UK government to issue a £1.5 billion loan guarantee to protect its vast supplier network, which supports nearly 200,000 jobs. JLR’s own losses are estimated to exceed £200 million.
Similarly, Marks & Spencer disclosed a hit of over £300 million following a ransomware incident in April. Although the retailer expects partial recovery through insurance, the scale of damage reinforces how vulnerable even well-resourced organisations can be.
Insurance: A Costly but Crucial Lifeline
The report underscores the rising costs of cyber insurance. Large firms like JLR are estimated to pay premiums as high as £5 million for coverage worth £300–500 million, with excess charges in the region of £10 million. While the cyber insurance market — valued at £521 million in 2024 — is projected to grow to £2.4 billion by 2033, many smaller firms find such protection financially out of reach.
Without this safety net, SMEs are left dangerously exposed. The report warns that a single successful attack could force smaller companies to shut down entirely.
Evolving Threats and Data Monetisation
Hiscox’s Global Head of Cyber, Eddie Lamb, notes a shift in ransomware tactics: criminals are increasingly targeting corporate contracts, executive emails, and intellectual property rather than just personal data. These assets are easier to monetise through dark web marketplaces or extortion.
Lamb adds that ransomware doesn’t just result in financial damage — it erodes employee morale, burns out IT teams, and undermines customer trust. “A cyberattack doesn’t just disrupt operations,” he warns. “It can threaten the very survival of a business.”
Urgent Need for Preparedness
The report calls on companies to strengthen their cybersecurity infrastructure, invest in AI-powered detection, and adopt data loss prevention controls. With the growing availability of sophisticated ransomware-as-a-service tools and AI-enhanced attack vectors, the urgency to act has never been greater.
From global corporations to local enterprises, ransomware is no longer a one-off risk — it’s a daily existential threat.
