Want to know more about what to expect in the insurance marketplace but don’t have time to read a 10+ page State of the Market? Interested in emerging trends and market or capacity changes? Gain the key marketplace insights you need at just a glance with our easy-to-read 2025 guides.
OVERALL MARKET UPDATE + IMPORTANCE OF CYBERSECURITY CONTROLS AND RISK MANAGEMENT
The cyber market remains soft across most industry classes. While there has been a material increase in claims activity, there has also been an increase in supply. With the increased capacity, we see broadened coverage and heavy competition on premium. Control requirements have lessened for certain classes of business as competition increases. However, it should be acknowledged that increased claims and decreased pricing (outside of SME) cannot continue in perpetuity, and there will come a time for an inflection point.
RANSOMWARE
Ransomware claim frequency continues to rise, and in 2024, it retained its spot as the second most common cyberattack. The average demand increased in 2024 to just over $2M, while the average payment was closer to $500K. As of 2023, roughly 3 out of every four ransomware demands were paid, and in 2024, that number reduced to 1 in 8. This is a testament to clients’ investment in properly protected backups and overall improved cyber resilience.
BUSINESS INTERRUPTION + SYSTEM FAILURE
Business interruption claims increased in 2024 for a variety of reasons. With a more frequent refusal to pay, more significant costs have come to reconstitute systems, which lead to more considerable overhead and revenue loss. The payment mechanism of a BI claim is a source of pain due to the market’s mandated use of forensic accountants who can move too slowly and, at times, be overly meticulous at claim opinions. While the frequency of BI losses has increased, new entrants have also been coming into the marketplace that offer parametric reimbursement coverage for BI losses to provide more certainty of cost-per-hour coverage.
SUPPLY CHAIN + THIRD-PARTY RISK
Supply chain risk keeps reinsurers up at night but has not impacted the direct market. Dependent business interruption coverage can include coverage for IT providers and non-IT providers. It is always limited to contracted providers only—those parties with whom the insured has a direct contractual relationship—except for one or two carriers in the marketplace. Typically, dependent business interruption coverage will not cover utilities or internet service providers.
DATA PRIVACY + REGULATORY COMPLIANCE
Third-party privacy (non-breach) related claims rose at an unprecedented level in 2024. Pixel, Session Replay, and Video Privacy Protection Act or wiretap violations are the three most common claims. However, various state laws all center around how digital footprints/information is collected in breach of a data privacy law. They differ from common cyber claims in that they progress like typical liability claims and have a much longer tail, with settlements taking anywhere from 6 months to 24 months or more. Some results have reached the multimillion-dollar range, especially in the healthcare sector.
SOCIAL ENGINEERING + PHISHING ATTACKS
Social Engineering and phishing attacks were the most frequent claims in 2024. The average transfer remained around $500K. By default, coverage will generally not exceed $100K - $250K in limit. Crime360 and CRC’s excess social engineering program help solve this coverage need. The cost of additional coverage is the most expensive in the marketplace. It is also sublimited by default on both crime and cyber policies. While carriers are trying to solve the problem by reverting to $500K (or even $1M in some places and excess opportunities), only Crime360 guarantees products in social engineering and invoice manipulation while insuring the $5M transfer.
EMERGING TECHNOLOGIES - AI
Cyber coverage for AI-led attacks is generally covered unless expressly excluded. Artificial Intelligence will create leverage for threat actions in scaling widespread attacks again in 2025 and remains a primary reason to invest in cyber insurance. Wording for technology companies buying tech E&O should be closely reviewed in 2025. The market has developed coverage for companies that sell AI to others (tech E&O) and homegrown models (or adaption of models purchased from third parties) that companies use internally for their own purposes. Carriers are underwriting both the models and their outputs.