CBIZ
February 10, 2025

Insights into 2025’s Top Cyber Insurance Concerns

In 2024, the cyber insurance market softened for policyholders despite increasingly sophisticated and damaging cyber threats. Most saw modest, single-digit premium increases, driven by factors like increased insurer competition, surplus capacity and improved cyber hygiene among insureds. Companies that made consistent improvements to their cybersecurity experienced fewer claims and lower loss ratios because of better risk management. The year was particularly favorable for buyers, as surplus line carriers expanded their offerings and policies became more tailored with enhanced customization, better coverage options and improved underwriting practices.

However, the cyber insurance market remains dynamic. High-profile incidents like the CrowdStrike and Change Healthcare breaches demonstrate how a single attack can disrupt multiple organizations and sectors. These systemic risks may prompt insurers to adopt stricter underwriting standards in 2025, particularly for high-risk industries like health care.

Insurers are expected to prioritize advanced cybersecurity controls and leverage innovative tools like AI-powered risk analytics to refine pricing and predict losses. Businesses with strong cybersecurity will continue to secure better premiums and coverage terms. Conversely, companies failing to strengthen their cybersecurity or experiencing frequent claims could face higher premiums and coverage limits.

Trends Shaping the Cyber Liability Insurance Market

Ransomware Threats

Ransomware attacks continue to escalate, posing a costly challenge for businesses, particularly small- and medium-sized organizations. In these attacks, cybercriminals infiltrate devices or servers to encrypt data and then demand large payments to restore access. Companies also face significant financial losses from recovery efforts, operational disruptions and potential regulatory fines.

Ransomware’s prevalence and severity have surged dramatically. Notably, 2024 marked a record-breaking payment of $75 million to the Dark Angels cybercrime group, nearly doubling the previous highest payment in 2023. Additionally, incidents rose by 18% during the first five months of 2024.

Perhaps most alarming is the shifting focus of the attacks. Historically, cybercriminals focused on financial gain through data extortion, but now they frequently target critical infrastructure (e.g., health care, schools, government). For example, the Change Healthcare attack compromised sensitive patient data and disrupted essential services despite the organization paying a $22 million ransom. This suggests attackers are targeting organizations they believe will pay large ransoms to avoid disruptions.

In 2025, sectors tied to critical infrastructure and enterprises with substantial financial resources are expected to face a heightened risk of attacks. Furthermore, new ransomware groups continue to emerge despite law enforcement crackdowns on major players like ALPHV/BlackCat and LockBit.

A particularly concerning trend is the rise of ransomware-as-a-service (RaaS). This model allows cybercriminals to sell or lease ransomware to affiliates, enabling less technically skilled criminals to launch sophisticated attacks. This significantly broadens the threat landscape, making ransomware attacks more widespread and dangerous.

Evolving AI Exposures

AI offers immense value for businesses in streamlining cybersecurity efforts by enhancing threat detection, automating response protocols and processing large data sets effectively. However, the same technology can amplify cybercriminal activities. Key threats from AI include:

  • Weaponized AI: Cybercriminals use AI to develop sophisticated malware, exploit software vulnerabilities and crack passwords at unprecedented speeds.
  • Phishing Evolution: AI-powered tools create highly convincing phishing messages. Chatbots can impersonate banks or businesses, tricking individuals into divulging sensitive information.
  • Deepfake Scams: Advanced synthetic media enables criminals to imitate executives or employees, facilitating financial fraud and data breaches.
  • Automated Cyber Attacks: AI-driven attacks, such as rapid vulnerability scanning, can bypass traditional defenses and exploit system weaknesses faster than human detection allows.

Businesses must be particularly mindful of emerging AI-driven threats like deepfake scams, where synthetic audio or video is used to impersonate executives or employees to commit financial fraud or initiate data breaches. This makes it crucial to adopt advanced threat detection tools and robust incident response strategies.

Supply Chain Vulnerabilities

Cybercriminals increasingly exploit supply chains by targeting vendors and suppliers with weaker cybersecurity measures. These attacks take advantage of the interconnected nature of business networks, using one breached partner as a gateway to broader organizational systems. Once inside, attackers can move laterally through networks to deploy malware or steal sensitive data, often going undetected until significant damage is done. The consequences are significant, with Gartner predicting that 45% of organizations will experience software supply chain attacks by 2025.

Data Privacy Concerns

Many businesses now rely on advanced tracking tools, such as biometrics and pixels, to collect personal data for HR, marketing and advertising purposes. While these technologies offer operational efficiencies, they also raise substantial data privacy risks. Failure to comply with international, federal or state legislation (e.g., GDPR, HIPAA, the California Privacy Rights Act) can lead to regulatory penalties, lawsuits and associated financial losses. Compounding these challenges, many cyber insurance policies are excluding coverage for claims related to wrongful data collection, leaving organizations exposed to significant liabilities.


Risk Management Strategies

  • Partner With Experts: Work with your insurance advisor to explore cyber liability coverage options tailored to your needs. Initiate early renewal conversations.
  • Fortify Systems: Secure your infrastructure by utilizing virtual private networks (VPNs), antivirus software, firewalls, email authentication technology, robust encryption protocols, and endpoint detection and response tools. Limit administrative access to only essential personnel.
  • Enhance Loss Prevention: Utilize loss control services offered by your insurer to strengthen cybersecurity defenses and minimize exposures.
  • Stay Compliant: Collaborate with insurance and legal experts to review your regulatory exposures under data protection and cybersecurity laws. Make compliance adjustments as needed.
  • Plan for Incidents: Develop a well-documented cyber incident response plan. Test it regularly and update it to address evolving threats.
  • Maintain Software Integrity: Regularly update all workplace software to minimize vulnerabilities. A patch management system can facilitate this process.
  • Perform Data Backups: Store critical data backups securely and offline to protect against ransomware and data losses.
  • Manage Vendor Risks: Assess third-party vendors before entering a partnership. Review their cybersecurity practices, data protection practices and adherence to your company’s standards.
  • Empower Your Team: Conduct routine employee training to ensure awareness of emerging cyber threats and preventive strategies.
  • Account for Advanced Threats: Incorporate potential nation-state threats into your cybersecurity policies and protocols.

We’re Here to Help Prevent Cyber Exposures

Experts predict a 0 to 15% increase in cyber insurance premiums in 2024. Fortunately, you’re not in this alone. We’re here to help you understand the current cybersecurity market and implement risk management strategies to protect your organization. If you have more questions about your cybersecurity insurance coverage or the status of the market, connect with a member of our team.
