State of the Cyber Insurance Market 2025

UK businesses underestimate risk of cyberattack

Download State of Market Guide
State of the Cyber Insurance Market
We spoke to Steve Cross, Group Technical Director and PIB Cyber Guru, to get his insight into what the cyber insurance market will look like for the rest of 2025.

 

The 2025 Market

UK businesses underestimate risk of cyberattack

The stark warnings given by Richard Horne (the new head of GCHQ’s National Cyber Security Centre) in December 2024, highlighted just how widely underestimated the risks facing UK businesses are.

UK organisations are urged to boost their resilience to attack, amid signs of a widening gap between the risks being faced and their ability to handle them.

In April 2024, a survey published by the UK Government indicated that half of all UK businesses (and 84% of large businesses) had reported some form of cybersecurity breach or attack in the previous 12 months, and as 2024 drew to a close, it was apparent that cyber-attacks continue to grow in frequency, sophistication and severity.

Dependency on technology & supply chains

Threat actors utilise our ever-growing dependency on technology against us, seeking to cause maximum disruption, and to monetise attacks through higher ransom demands. As PIB’s own customers’ claims highlight, the common misconception that these attacks only affect larger corporate entities is wholly inaccurate.

Even non-malicious events emphasise just how reliant modern businesses are on technology. Major retailers across the UK experienced significant IT outages in early 2024, followed by the Crowdstrike incident in July 2024, which affected millions of devices globally, across a wide range of industry sectors. With world-wide losses of approx. $5.4 billion (USD), the latter of these two events highlighted the importance of ensuring that cover for ‘system failure’ forms part of any cyber insurance procured.

Similarly, the cyber-attack on CTS, an IT services provider to UK law firms, demonstrated the disruption that a supply chain partner can cause, and the importance of adequate cyber insurance cover for supply chain business interruption risks.

Strong cyber insurance market

Despite these risks, the UK cyber insurance market continues to enjoy strong competition between insurers, in-turn affording competitive premiums and increased levels of cover for buyers. It also allows customers to take advantage of these favourable conditions in procuring indemnity limits more commensurate with their increased levels of exposure.

CyberPrepare

Here at PIB Insurance Brokers we are well positioned to assist our customers. In addition to our team of Cyber insurance experts, we have collaborated with Storm Guidance (the UK’s leading provider in Cyber incident response & risk management services for the insurance market) to launch “CyberPrepare”, a comprehensive cyber risk management tool which provides our customers with the ability to quickly and cost effectively ascertain their Cyber posture by a combination of two key components:

  • Cyber profiling scan – a non-invasive scan of our customer’s domain alerts customers to information that attackers could use to profile their business
  • Questionnaire – assessing the level of customer’s existing cyber security & controls

This in-turn produces a detailed dashboard of results/findings and a cyber report that can be used to improve resilience to attacks in the future. For further information, visit: www.pib-riskmanagement.co.uk/cyberprepare

Our Advice

  • Ensure you have an informed view of your cyber posture and resilience to attack
  • Implement and maintain robust cyber security & controls
  • Consider and review supply chain operations in terms of reliance and security and controls
  • Capitalise on current cyber insurance market conditions for either first time buyers or to expand upon existing levels of cover / limits of indemnity currently purchased

Fancy reading more insights into the state of other insurance markets?

Read State of the Market 2025