By Lucy Pilko, CEO, Americas, AXA XL

First published in Risk & Insurance

Today’s cyber threat landscape presents a paradox. While insurance coverage options are becoming more accessible and affordable, systemic risks are simultaneously escalating quickly.
New entrants and easy capital have heated up competition, pushing cyber insurance rates steadily down, roughly 5–7% over the past 11 quarters, with reductions reaching as much as 22% from their 2022 peak (NAIC). Yet 2025 saw a record number of ransomware attacks, a 34% rise in global assaults against critical sectors like manufacturing, healthcare, and energy. Ransomware accounted for 44% of breaches (Verizon 2025). Attackers are getting smarter, using multiple tactics and AI-driven methods. For instance, phishing remains a major threat, with a staggering 1,265% increase in AI-powered phishing attacks, and nearly 50% of all email threats now include phishing links (Deepstrike 2025).

Compounding this, cyber breaches are becoming more costly. According to the IBM/Ponemon Institute Cost of a Data Breach Report 2025, the average cost of a breach is $4.4 million, up from $3.86 million in 2018, an increase of roughly 15%. Costs often go beyond direct breach expenses: disruptions to supply chains, lost trust, or lost shareholder value. Although ransomware payouts are falling as organizations refuse to pay, refusing to pay leads to longer recovery times and higher indirect costs such as investigations, fines, and supply chain issues, increasing the overall damage.

The Importance of Disciplined Underwriting
While cyber insurance policies with lower premiums and flexible options may appear attractive, the reality is more nuanced. It is important to help our clients find insurance solutions that fit their true exposure in order to protect against severe financial and operational consequences. Imagine a mid-sized online retailer that chooses higher insurance limits because they are cheaper but then delays adding multi-factor authentication or better endpoint security. Even though it has “better” coverage on paper, its customer data is still at risk. The same goes for hospitals with tight budgets. They might stick with less expensive cyber policies instead of upgrading outdated systems, leaving critical vulnerabilities open that cybercriminals could easily exploit. It’s like paying for protection but leaving the door wide open.

Insurers, in turn, need to maintain disciplined underwriting standards to ensure that they are accurately assessing and pricing the risk. For instance, a manufacturing plant with outdated operational technology (OT) systems might secure comprehensive cyber coverage without undergoing thorough security assessments. Construction firms handling large project data and payments may receive policies with minimal controls around funds transfer fraud. This creates a false sense of security, as companies believe they are well-protected when, in reality, their risk management standards have slipped.

With the rise of ransomware attacks and the new tactics and AI methods being used in these attacks, it is even more essential for insurers to maintain strong underwriting discipline when evaluating cyber risks. Market fluctuations are inevitable. But when big losses hit, like a wave of ransomware attacks on hospitals or schools, disciplined underwriting and proactive, comprehensive risk management can help prevent or mitigate severe consequences.

What Does a Sustainable Market Look Like?
A truly resilient cyber insurance market shifts from reacting after a disaster to proactively managing risks beforehand. Maintaining disciplined underwriting acts as a safeguard, preserving the long-term stability of the cyber insurance sector and ensuring that risks are managed effectively.

In the constantly evolving landscape of cyber claims, it is even more important to maintain this discipline. The next big shock won’t just be more ransomware. It could be a large, correlated outage that tests the limits of current policies and risk models.

To move towards a more sustainable and resilient approach, insurers must prioritize disciplined underwriting and thorough risk understanding. Insurers need a clear understanding of systemic vulnerabilities, such as reliance on cloud services or third-party partners, and must be transparent with clients about these risks. Clients, in turn, must also be transparent with their insurer about their vulnerabilities, including secondary exposures, to ensure that their carrier is providing the appropriate coverage fit. The solution should be focused on where risk is going, not where it was.

Simultaneously, organizations should strengthen their cybersecurity defenses: implement multi-factor authentication, perform regular backups, keep software updated, and manage third-party risks. For example, financial firms should use strong encryption and continuous monitoring; healthcare providers must secure patient data with access controls and HIPAA compliance; manufacturers should segment networks and deploy intrusion detection; retailers need PCI DSS compliance and fraud tools. These measures can significantly reduce both the likelihood and impact of cyber incidents.

Brokers play an important role in this process by providing strategic advice to help clients understand their full risk landscape and optimize coverage accordingly.

Final Thoughts
Cyber risks change quickly. New AI capabilities, already being talked about, will be transformative to society more broadly and will likely push the cybersecurity threat landscape toward a new frontier. Organizations should remain diligent about using existing risk mitigation tools and engage with innovative solutions as they are developed to maintain sound cyber hygiene.

So, now is the time to act. Invest in advanced controls and processes. Develop comprehensive incident response plans to better prepare for potential challenges. Work with your insurer and broker to create a tailored solution that meets your specific needs. Additionally, focus on strengthening supply chain and third-party risk management to enhance overall resilience. Taking these steps today can help organizations fortify defenses and prepare for the future.

A sustainable cyber market requires insurers to have a clear understanding of systemic vulnerabilities and approach underwriting with discipline in order to provide coverage that aligns with the client’s needs.

Staying vigilant and adaptive is key. With effort and discipline, we can navigate these fluctuations and keep cyber insurance a vital, sustainable part of our risk management toolkit for years to come.