The cyber insurance market is now well established in the United Kingdom. Clients are able to access coverage and to build up their resilience by making use of the risk management capabilities that form part of the cyber insurance solution.
But threat actors are continually honing their own capabilities and the increased use of new attack techniques means that the risk landscape is always shifting.
The global average cost of a cyber breach in 2024 was $4.9 million, according to IBM, a 10% increase compared with the previous year, highlighting the financial impact cyber attacks can have. A SoSafe report predicts that the global cost of cyber crime will reach $10 trillion this year.
As the threat environment evolves, the cyber insurance market in London, and worldwide, must remain focused on sustainability and building up the expertise and knowledge that will help clients face the challenges on the horizon.
The impact of AI
As with all areas of business and society, the rapid development of artificial intelligence solutions is having an impact on both the cyber threat landscape and on clients’ capabilities to build cyber resilience.
There has been a notable uptick in the number of ransomware attacks since 2023, and malicious actors are employing newer technology, including artificial intelligence (AI), to amplify both the volume and effectiveness of their attacks using techniques like phishing or impersonation. Cyberheist reported a 76% increase in phishing attempts in 2024, while, according to Verizon, ransomware was present in about 44% of recent reported breaches.
AI can be used by malicious actors to make ransomware attacks faster and more scalable. AI and generative AI can enable the creation of sophisticated and hyper-realistic videos and audio recordings that are used in phishing attacks.
Furthermore, malicious actors can create and exploit deepfakes that manipulate employees into transferring large sums of money to criminals. In one high-profile example, a deepfake impersonating a company CFO on a conference call convinced a finance worker in Hong Kong to transfer $25 million into fraudulent accounts.
We haven’t yet seen the full scale of what AI could be capable of in terms of cyber attacks. But it’s possible, for example, for attackers to reverse engineer some of the cybersecurity patches that have been published. While we haven’t seen claims stemming from this method, it is just one example of how the cyber risk is likely to change – and will continue to evolve.
AI can, however, also be used to boost organisations’ resilience to attack. AI-powered solutions can be used to increase security defences, detect anomalies, analyse data and automate responses, while keeping cybersecurity teams informed and in charge. An IBM study found that where AI was extensively used in prevention mechanisms, companies experienced costs savings in the region of $2.2 million when a breach occurred.
Emerging risks
There are several other evolving risk areas that our clients and we are monitoring closely. One of those is increasing regulatory scrutiny and the demand for stronger security measures. In the United Kingdom, the recently proposed UK Cyber Security & Resilience Bill would introduce obligations on IT providers and supply chain partners supporting critical infrastructure. The Bill proposes mandatory reporting standards, among other things, and organisations operating in the United Kingdom would need to ensure that they have effective security programs in place to comply with the requirements.
Attackers are becoming more adept at bypassing multi-factor authentication (MFA) controls. It’s important, therefore, that clients explore the use of more advanced MFAs that use contextual data like location, time of day and user behaviour patterns to assess risk.
Cloud attacks are another growing concern. Clients are stepping up their defences against these threats by using multifaceted approaches combining security tools and processes.
Zero Day Vulnerability, where a security flaw is discovered by an attacker but is unknown to the software vendor, meaning no patch or software update is yet available, is another risk area that clients are addressing by having a zero-day patching strategy. Attacks on vendors continue to pose a threat to companies. We encourage our clients to conduct thorough assessments of vendors to identify potential vulnerabilities.
We haven’t yet seen the full scale of what AI could be capable of in terms of cyber attacks.
Continual risk management
The risk picture is shifting; there is definitely more to come.
It’s beneficial to all concerned if we can work with our clients to help them on a journey of continuous risk improvement.
As human vulnerability remains a risk, and the deepfake threat becomes more sophisticated, we urge our clients to take a comprehensive approach to training colleagues. This can mean providing phishing-awareness education using real-life case-studies, among other things. The use of unique passwords and MFAs must be essential practice. And companies should have structures in place to enable colleagues to report suspected deepfakes or other security concerns.
Our clients are also using new tools to better understand and monitor their risks. More are now using inside-out scanning, which enables them to have a more continuous risk management view, compared with outside-in scanning which tends to give a view at one point in time.
Cyber insurance solutions are valuable in helping clients to assess and manage cyber threats. It goes beyond risk transfer and provides clients with a suite of services to help them prevent, prepare for, protect against and prevail over cyber threats. Our cyber services are built on four pillars: services that focus on prevention by assessing security maturity level, identifying risks and defining a cyber security strategy; services that support preparation by identifying vulnerabilities and anticipating attacks; services that prioritise protective efforts and build robust defences around critical assets; and services that help to respond, recover and emerge stronger after an incident.
As we face the future, the evolving threat means it is vital that cyber insurers continue to conduct rigorous risk assessments, remain focused on underwriting discipline and keep a close eye on our risk aggregation to manage exposures. This will facilitate a sustainable cyber insurance market which is what all of us – clients, brokers, insurers and reinsurers – want and need.
