ACCORDING to Resilience, security leaders can translate technical risk into financial terms by using insurance data that links specific cyber events to losses. The latest analysis focuses on ransomware in manufacturing, noting that in 2025 manufacturing was the industry with the highest target rate (25% of cyberattacks), and that 90% of incurred loss over March 2021 to February 2026 was due to ransomware, even though only 12% of claims related to ransomware.
Two notable failure points emerge: 13% of losses stem from software vulnerability exploits, and MFA misconfigurations drive 26% of losses, the largest single share, including the incident that the ransomware attack attributed to BlackCat was enabled by misconfigured MFA.
The report also highlights transfer fraud and email compromise as 30% of all claims, largely driven by phishing that leads to credential compromise, with credential phishing sites and infostealer malware delivering phishing rising 84% year over year in 2024. Armed with these insights, CISOs could present a financial case for investments in MFA auditing, patching, ransomware containment, and targeted staff training to boards. The piece was published on 28 April 2026.