The cyber insurance market is at a pivotal crossroads. Premiums are falling, coverage terms are loosening and competition is fierce — yet the cyber threat landscape has never been more volatile.
As new capacity floods the market and pricing softens, the very risk controls that once stabilized cyber losses are starting to slip. Now, more than ever, brokers and agents must champion disciplined underwriting, robust risk management and client education or risk leaving insureds dangerously exposed.
Soft market, hard lessons
Over the past two years, a wave of new reinsurers, insurers and MGAs has reshaped the cyber landscape.
“They’re offering more capacity and higher limits, but there’s no real innovation,” says Branden Laxner, Chief Underwriting Officer — Cyber, Nexus Underwriting. “Everyone’s offering standalone cyber with the same coverage.”
This surge has led to broader policy wording and a pullback on the strict underwriting practices that once kept loss ratios in check. The rigorous controls carriers enforced during the hard market of 2021-2022 are quietly slipping away — and that’s cause for concern.
Why controls matter more than ever
During the hard market, insurers raised the bar on underwriting. Baseline controls like multifactor authentication (MFA), secure backups, endpoint detection and response (EDR) and employee security awareness training became standard. Larger organizations were expected to implement advanced measures such as privileged access management (PAM), security information and event management (SIEM) and 24/7 security operations center (SOC) monitoring.
Today, those guardrails are weakening.
“The biggest challenge we’re facing now is the erosion of security controls,” says Laxner. “In the hard market, we could educate insureds, especially subject matter experts, to adopt minimum controls like backups and MFA. Now, in the soft market, those risk control requirements are fading, prices are dropping and policies are becoming very transactional.”
The long-term impact could be significant. As underwriting discipline slips, loss ratios may climb, and insureds lulled by lower rates could find themselves dangerously exposed when the next major wave of attacks hits.
Cyber threats are evolving
Cybercriminals are always one step ahead. Today, they’re leveraging artificial intelligence (AI) to craft more convincing scams and exploit new vulnerabilities, especially among small businesses and their vendors.
Martha Oddo, Senior Cyber Production Underwriter at B&B Cyber Protector Plan, points to recent data showing a 35% spike in AI-generated social engineering attacks in Q1 2025.
“They’re getting better at using AI to generate these attacks,” says Oddo. “The grammar is cleaner. It’s no longer the obvious scam like: ‘I’m a prince and I’ll send you $1 million if you click on this link.’ It’s much more realistic.”
Both Laxner and Oddo have also observed supply chain compromise emerging as a major threat vector. Instead of attacking one business at a time, hackers are exploiting a single vendor to reach hundreds or thousands of downstream companies.
Oddo notes that fraudulent transfers and phishing schemes have overtaken ransomware as the leading source of cyber claims. This highlights how quickly the threat landscape can shift, and why staying current on risk controls is essential, regardless of market conditions.
Education is the weakest link
Despite rising threats, a widespread education gap persists among agents and insureds. This has been a constant throughout Oddo’s 13-year cyber career.
“It’s hard and it’s a moving target,” she says. “Today the buzzword is MFA, tomorrow it’s something else.”
This knowledge gap extends to small business owners, many of whom underestimate their risk or assume that cyber insurance or their other commercial policies cover every digital threat.
“They bury their heads in the sand and say: ‘I’m too small, nobody wants me.’ But they’re low-hanging fruit,” says Oddo. “Hackers target them more than larger companies that already have protections in place.”
Bridging this education gap is critical. Without proper guidance, agents and insureds risk misunderstanding coverage, overlooking emerging threats and leaving themselves exposed.
Resist the race to the bottom
In a price-competitive market, brokers, agents and insureds must maintain high standards. Disciplined underwriting and strong cybersecurity controls are critical for long-term stability. At a minimum, Laxner recommends five core safeguards:
- Multifactor authentication (MFA)
- Separate and secure backups
- Endpoint or managed detection and response (EDR/MDR)
- Vulnerability management
- Ongoing security awareness training
“To break through these soft market challenges, we need to keep investing in education, training and partnerships,” Laxner says. “Working with wholesalers, our true value-add is understanding the evolving risks and finding creative solutions.”
Soft markets are temporary. But the behaviors they encourage — from relaxed underwriting to diminished risk controls and overconfidence among insureds — can have lasting consequences.
Brokers and agents who resist the race to the bottom, enforce solid cyber controls and guide clients intelligently are the ones who will thrive through every market swing.
This material has been prepared for general informational purposes only, is intended to apply generally rather than to any specific company and presumes appropriate discretion will be exercised regarding any particular situation.
© 2025 Copyright Arrowhead Programs. All Rights Reserved.

