Cybercrime continues to rise globally in 2025, posing an increasing threat to businesses. Yet the latest Vanbreda Risk & Benefits Cyber Study reveals a more encouraging reality: companies are becoming better prepared, and cyber insurance is helping to limit financial damage.
According to the study, in Belgium, four out of five cyber incidents generate costs below €20,000. This improvement is largely due to stronger cybersecurity measures and the professional incident response services included in many cyber insurance policies.
More incidents, but smaller financial impact
- 81% of cyber incidents cost less than €20,000;
- Only 3% exceed €1 million in damages;
- The cyber insurance premium volume remained stable at €17.1 million.
The five key cybersecurity requirements
To obtain or maintain cyber insurance coverage, companies are increasingly expected to implement strong security practices, including:
- Multi-factor authentication (MFA)
- Secure and isolated backup systems
- Endpoint protection for devices and servers
- Vulnerability and password management
- Employee security awareness and phishing training
These requirements also help companies comply with the NIS2 European cybersecurity regulation.
The study also highlights two vulnerabilities that companies still tend to underestimate. First, dependency on a single technology supplier. If a key provider suffers a cyber incident, it can disrupt the operations of many companies relying on that service. Second, underinsurance. Many businesses have not updated their cyber coverage to reflect their growth or evolving risk exposure, which could lead to significant financial gaps in the event of a major incident.
Vigilance Remains Essential
2025 Key figures
Cybersecurity, a shared responsability
Beyond the role of prevention and insurance, Belgium is also strengthening its cyber resilience at a national level. According to the 2025 report from the Centre for Cybersecurity Belgium (CCB), cyber threats continue to evolve rapidly, requiring coordinated responses between public authorities, organizations, and citizens.
In 2025, the CCB handled 635 national cyber incidents, with 103 operational interventions to assist organizations during critical situations. Ransomware remained a major concern with 105 reported incidents, while account compromise cases doubled to 144, highlighting the persistent exploitation of stolen credentials.
Phishing also remained one of the most common attack vectors. The Safeonweb platform received nearly 10 million reports of suspicious messages, helping authorities identify more than 176,000 malicious URLs and over 40,000 malicious domains.
Alongside incident response, the CCB intensified its preventive efforts by publishing 264 technical advisories, sharing 568 cyber threat intelligence reports, and issuing more than 32,000 targeted alerts to organizations and users.
These figures confirm that cybersecurity is a shared responsibility. Combined with stronger prevention practices and the growing role of cyber insurance, coordinated efforts between businesses, authorities, and citizens are helping to strengthen the resilience of Belgium’s digital ecosystem in the face of increasingly sophisticated cyber threats.