The cyber insurance market is expected to remain soft in 2025 but as the threat of ransomware intensifies, providers and customers should consider their options now.
Experts have said that the use of ransomware will continue to increase next year as malicious actors become more aggressive in their attacks on critical sectors like healthcare and telecommunications.
Cyber readiness will remain a top priority for next year, according to a report by active insurance provider Coalition. Organisations need to ensure that they can perform essential tasks during digital outages while also evaluating their ability to recover financially from digital disruptions.
Despite these risks, the cyber insurance market is expected to remain soft in 2025 but with signs of decreases slowing down. Pricing decreases are estimated to sit in the single digits of around 5% to 7%, according to a report by active insurance provider Coalition.
“At some point, a large-scale event will lead to reinsurers and retail insurance companies pushing back on pricing but there’s likely some time before that plays out,” Coalition said.
Some cyber insurance providers relaxed their underwriting prices at this time to help boost revenue. While this may yield positive returns in the short term, it could have downstream effects on managed service providers (MSPs) and their customers, according to the report. “Relaxed underwriting rules lead to lax security practices, which means more costly incidents and tough conversations between MSPs and their customers.”
This year has seen several aggregate cyber risks – cyber attacks at Change Healthcare, CDK Global and CrowdStrike, to name a few – all resulted in hundreds of millions of dollars in losses. Ransomware demands also reached an average of $1.3 million in the first half of the year. While none of these attacks have been causing significant damage to the industry as models predict just yet, these events will likely continue and become more frequent in the coming years.
Malicious actors could also use other forms of attacks. The use of deepfake videos is beginning to emerge, although they are not expected to become a widespread option next year, as they require too much computing power to execute. Instead, cyber attackers are expected to use artificial intelligence to improve phishing emails and voice cloning.
Malicious actors also target C-level executives and their families, an act that experts believe will become more aggressive next year.
News of Microsoft ending support for its Exchange 2016 and Exchange 2019 next also brings challenges. As the tech giant stops providing security fixes for these systems, small businesses could become easy targets to cyber attacks.
Add that to the issue of low cyber insurance adoption rate for small businesses, which think that cyber insurance is just a method of transferring risk, so they option on investing in cybersecurity technology instead.
There’s still time, however, the experts said as the biggest impact of these risks won’t be realized next year.
Cyber insurers can help their customers ready for potential cyber threats by requiring a minimum standard of security protections, including multi-factor authentication and email controls.
For phishing and voice cloning, businesses can use key phrases and other authentication models to verify that they are communicating and transacting with a legitimate team member or client.
Small businesses should also be made aware of the benefits of having cyber insurance, which not only transfers risk but also helps maintain their systems and respond to threats as quickly as possible.
“Many companies view cyber insurance as just a method of transferring risk and might opt for an investment in cybersecurity technology instead,” Coalition said. “But when a product transfers risk and helps businesses maintain their systems and respond to threats in a timely manner, the value is clear.”
