2025 Cyber Security and Claims Trends Decoded: Prevention Shapes Resilience for 2026

Trend 1: AI Powered Phishing and Deepfakes Become the Norm 

The insurance and cyber security sectors have long warned against growing AI driven cyber scams, but 2025 marks the turning point where AI has turned the “if it will happen” question into “when it will happen,” says Jardine. 

According to Verizon DBIR 2025, between January to October 2025, AI-assisted cyber attacks across industries increased 72% globally, causing $30 billion in projected global damages. Thanks to GenAI, phishing attacks surged 1,265%.And in North America alone, deepfake fraud jumped 1,740% last year. 

Seven in 10 Canadian organizations worry about AI-driven threats, including more convincing AI-powered attacks, privacy breaches and data poisoning, according to the 2025 CIRA Cyber Security Survey.  

It’s not just businesses who should be worried. One in 10 people have already received an AI-generated voice clone and 77% of them lost money in the scam. Two-thirds of people can’t tell AI audio from real speech and almost half fail tospot deepfake AI-videos. 

Cyber criminals now use AI every day to: 

• Easily execute social engineering scams. “These scams take minimal effort but they’re hyper-personal and more convincing than ever,” says Jardine. 
• Launch automated attacks. AI tools are amplifying the scale and sophistication of attacks, making them faster and more successful. 
• Exploit weak defences. “Poorly protected businesses and individuals continue to offer high returns for cyber criminals,” Weekes says. 
• Expand their opportunities: “Our growing reliance on digital payments, cloud services and shared personal data creates an ever-larger attack surface for scammers,” Weekes adds. 

Trend 2: Cyber Criminals Exploit Growing Attack Surfaces 

As businesses expand their digital operations and rely more heavily on cloud technology, IoT devices and third party systems, their attack surface is exponentially growing.  

“Your digital attack surface includes every internet-facing asset connected to your organization, from websites and VPNs to cloud services, remote access portals, shadow IT and even third-party vendors, impacting your entire supply chain. These are the digital doorways cyber criminals are constantly probing for weaknesses,” says Weekes. 

Globally, 90% of organizations have seen an increase in impactful attack surface incidents. Today, attack surface vulnerabilities are responsible for over 80% of cyber security breaches. SMEs experience 60% more severe incidents than larger ones, with breaches causing deeper operational disruption, greater financial loss and longer recovery times.  

From the CrowdStrike outage to Amazon Web Services disruptions, 2025 showed how fragile the global digital ecosystem can be. According to IDC’s latest research, organizations experienced an average of nine cloud security incidents in 2024, with 89% reporting a year-over-year increase.  

In Canada, small businesses experienced 50% more cloud-related incidents in 2025, up from 47% last year. 

“Traditional endpoint detection tools don’t catch these exposures. It’s no longer enough to secure what’s inside your network. You need to know what’s connected outside of it and who else has access,” Jardine says. 

Attack Surface Management is an essential tool to help businesses and individuals continuously identify, monitor and secure internal and external assets and detect vulnerabilities before they’re exploited. 

Trend 3: Impersonation Fraud Explodes 

Impersonation scams have become one of the fastest growing forms of cyber fraud thanks to AI, which enables cyber criminals to automate and personalize trust-based deception at scale. 

So far this year, 24% of Canadians experienced impersonation fraud via emails, texts, phone or social media, 17% were deceived into sending payments under false pretences and the majority fell victim to ID Theft. 

Impersonation fraud goes far beyond stolen identities. It now spans multiple forms like cyber extortion, from fraudsters posing as executives to trick employees into wiring funds, to spoofed vendors submitting fake invoices. The same techniques are used in sextortion scams targeting youth and romance and grandparent scams preying on seniors. 

“These hyper personalized attacks exploit human trust, not technical flaws. Criminals spoof colleagues, vendors, executives and ordinary people with alarming realism,” says Weekes. 

“As impersonation fraud escalates, businesses must build a ‘verify before you trust’ culture,” adds Jardine. “That means validating requests, even familiar ones, through independent channels, equipping employees to recognise social engineering red flags and ensuring response plans and insurance policies adequately address these risks.”  

Trend 4: Ransomware and Data Breaches Persist 

Ransomware and data breaches are here to stay. 

In the past year, four in 10 Canadian businesses suffered a breach of customer or employee data, an increase of almost 30%, according to CIRA’s 2025 Cyber Security Survey. One in four experienced a ransomware attack and 74% of those victims paid the ransom, with payments typically exceeding  $25,000. 

“Ransomware remains the most costly cyber attack, often resulting in major business disruption or even permanent closure due to financial or reputational damage,” says Jardine. “We now see cyber criminals making frequent, smaller ransom demands targeting more businesses, or using ransomware as a secondary step after data theft.” 

Despite this, only 66% of Canadian companies have a ransomware response plan.  

Exploited vulnerabilities are the most common root cause of ransomware attacks, with 84% of organizations hit by ransomware saying incidents were tied to compromised backups.  

“Vulnerabilities like outdated software, unpatched systems and weak cloud security leave businesses vulnerable. There’s a clear need to prioritise Endpoint Detection and Response and strong backups to reduce these risks,” Jardine says. 

Emerging Cyber Threats in 2026 

2026 will push three trends from the margins to the mainstream: 

Relationship-based AI-social engineering scams:
Cyber criminals will use your personal, social and professional networks as your new attack surface, exploiting more people through their colleagues, friends and family. “Attackers are using AI to map real world relationships and craft messages that feel authentic. It’s a new wave of social engineering through relationships,” Jardine explains. 

Dark Web exposure and credential stuffing:
Today, there are over 24 billion complete sets of usernames and passwords circulating the dark web. The dark web is a thriving marketplace and in an era of hyper connectivity, dark web monitoring of this hidden world is an essential part of any cyber risk strategy, Weekes says, whether you’re running a business or trying to protect yourself and your household, Weekes says.  

Quantum era encryption preparation
The race to protect data against future quantum threats is underway. “The risk isn’t theoretical. Attackers are already stealing and storing encrypted data to decrypt later. In 2026, quantum readiness will move from research to real world implementation,” says Jardine. 

Protect Your Businesses and Households from Cyber Risks in 2026 

Every organization and individual must raise their guard. 

For Businesses: 

• Use phishing resistant MFA and avoid SMS based codes. 
• Adopt Endpoint Detection and Response for continuous monitoring. 
• Back up data regularly and store backups offline. 
• Strengthen cloud security beyond default settings. 
• Build awareness with regular phishing simulations and training. 
• Integrate prevention-first cyber insurance and protection. Work with an insurance partner that understands today’s risks and helps you predict, prevent, insure and recover from them for tomorrow. 

 For Individuals and Households 

•  Strengthen the basics: enable MFA, use strong unique passwords and know when to use VPNs. 
• Stay informed: monitor your digital and financial footprint and set up breach alerts. 
• Be skeptical online: verify urgent messages or money requests, even from familiar people. 
• Protect family members: Regularly talk to children and seniors about online scams and the role of AI and ensure everyone knows how to report suspicious activity. Protect your household with an all-in-one personal cyber insurance and protection solution that integrates prediction and prevention services so you don’t face today’s risks alone.  

Prevention Is the New Cyber Resilience 

If 2025 proved anything, it’s that cyber risk never rests and neither can your defences. From insurance coverage to everyday security habits and tools, protection must be continuous. 

“Protecting yourself, your household or your business means not waiting for the next threat but predicting and preventing it before it strikes,” says Weekes. 

“Reaching out to an expert the moment you suspect a breach always leads to a better outcome than trying to manage it on your own,” Jardine adds. “Our BOXX Hackbusters® team provides 24/7 monitoring and containment, preventing over 80% of incidents before they ever become claims.” 

The stakes have never been higher.

“As we move into 2026, it’s time to rethink your defences, reinforce awareness and stay prepared,” says Jardine. “Prevention means protecting what matters, but even more important, it’s cyber resilience in action.”