Aon, a leading global professional services firm, has released its 2025 Cyber Risk Report, revealing that cyber events that cause reputation risks can result in an average of 27% drop in shareholder value, highlighting the growing financial and reputational stakes of cyber risk.
The findings build on Aon’s 2023 research, which showed that major cyber incidents led to an average 9% decline in shareholder value over the following year. This year’s report goes further, analysing more than 1400 global cyber events and identifying which types of attacks are most likely to evolve into reputation risk events and which can be the most damaging when they do.
“Cyber risk is no longer just a technology issue, it’s a boardroom issue,” says Brent Rieth, global cyber leader at Aon. “Our latest research underscores the importance of proactive risk mitigation. Organisations that invest in preparedness and resilience are far better positioned to avoid the reputational and financial fallout that can follow a cyber event.”
“Organisations are grappling to understand the level of cyber risk their business is faced with at executive committee and board level. As the threat landscape diversifies with new and developing technology, clients need to invest continuously in information security to counter these efforts, but often do so without fully understanding the return on security investment (ROSI). Resiliency is tantamount to an organisation’s ability to recover from a cyber incident, and it is essential to have a risk management and insurance solution in place that is built for purpose,” says Zamani Ngidi, business unit manager of M&A; and cyber solutions at Aon South Africa.
Some of the report’s key findings are:
• Of the 1414 cyber events analysed, 56 developed into reputation risk events, which are defined as cyber incidents that attract significant media attention and lead to a measurable decline in share price.
• Companies affected by these reputation risk events experienced an average shareholder value decline of 27%.
• Malware and ransomware attacks were the most likely to trigger reputational damage, accounting for 60% of all reputation risk events, despite making up only 45% of total cyber incidents.
• Five drivers of value recovery were identified as critical levers for mitigating reputational fallout: preparedness, leadership, swift action, communication and change.
The report also highlights the growing challenge of managing uninsurable risks. While cyber insurance can help transfer some financial exposure, reputation risk remains largely nontransferable, making proactive risk management and crisis response essential.
“As cyber threats grow more complex and interconnected, companies need a clearer view of their exposure, stronger alignment between cybersecurity and insurance strategies, and the tools to make better, data-driven decisions. Aon is uniquely positioned to support clients through these challenges,” added Rieth.
Aon’s 2025 Cyber Risk Report draws on proprietary data from the firm’s Cyber Quotient Evaluation, a patented global e-submission platform that streamlines the cyber insurance intake process and empowers organisations with actionable insights into their cyber exposures and insurability, helping them to strengthen both underwriting outcomes and cyber risk management strategies.
For more information contact Aon,
© Technews Publishing (Pty) Ltd | All Rights Reserved
printer friendly version