Market seeks balance amid soft pricing, rising claims, and evolving exposures

Cyber

By Chris Davis

Nov 21, 2025Share

.main_content .h1,.main_content h1{font-size:32px}.main_content .h2,.main_content h2{font-size:24px}.main_content .h3,.main_content h3{font-size:18px}.main_content .h4,.main_content h4{font-size:16px}

The cyber insurance market is still struggling to strike a balance between affordability and sustainability, said Megan North (pictured), executive vice president and branch leader at Amwins Insurance Brokerage.

“The cyber market currently is sort of looking to find its balance,” North said. “In particular, how do we provide commercially viable products, useful products at competitive rates, but also maintain sustainability? I don't know that, as a marketplace, we've figured out how to do that perfectly.”

While the line has matured since its early days, North pointed out that it remained volatile by nature. Cyber is “still evolving just due to the inherent evolving nature of the risk,” she said. With soft market conditions persisting, pricing has reached pre-pandemic lows. “Rates [are] kind of nearing 2019 lows, yet the claims and losses haven't necessarily abated,” she said. “It does seem like a shift could be on the horizon - hopefully not as drastic as we had during 2020–2021.”

Are you an insurance innovator? Tell us — we want to hear your story

Strong demand, smarter buyers

Despite pricing pressure, demand for cyber coverage has remained strong. “We've had a couple of recent high-profile breaches that have shown the devastating effects that a large breach can cause,” said North. Not only did breaches hit primary targets, but the fallout often extended across third-party networks, increasing the sense of urgency for robust coverage.

At the same time, cheaper pricing has opened the door for buyers to expand coverage or purchase higher limits. “That’s a ripe environment for not only new buyers, but also those looking to beef up their cyber insurance programs,” North said.

Client expectations have also been shifting. North observed that policyholders - traditionally slow to adopt cyber insurers’ supplemental services - were beginning to show more interest in tools like vendor discounts, assessments, and breach support. “We're seeing more openness to the idea and more curiosity around these offerings from carriers,” she said. These services could help strengthen insureds’ security postures, which, in turn, might reduce losses and benefit the broader market.

Targeted underwriting, sector pressure

While rates overall have remained soft, underwriters have become more selective. “Underwriters are becoming more conservative in their rating,” North said. “I'm not saying that rates are going up necessarily - they're largely not - but for certain sectors, we seem to be experiencing what I would call a changing tide.”

The shift has been especially visible in sectors with adverse loss experience. Healthcare, manufacturing, and financial and professional services are all under tighter scrutiny. “A lot of that is driven by loss experience,” she said.

Opportunities in SMEs and integration

North sees potential for growth on two fronts: small to midsize enterprises (SMEs) and larger organizations with complex coverage needs. SMEs represent a volume opportunity, but they are also increasingly vulnerable. “Each year, there's thousands of small businesses that open their stores. And it's almost an endless pipeline of potential cyber buyers,” she said.

“Recent claims trends are showing that incident costs are rising for SMEs, too,” she added. “These are entities that can benefit massively from a competitive cyber insurance program.”

At the larger end of the market, North pointed to what she called “blended programs” - insurance products that integrate cyber into the broader risk portfolio. “We've traditionally looked at cyber risk insurance in a silo. It's been a standalone product for many years,” she said.

That model may no longer be sufficient. “There's a need for evolution and the ability of cyber to work together cohesively with other lines within an insurance program,” she said. For companies that treat cyber as an enterprise-wide risk, cyber coverage needs to align more closely with general liability, property, and professional lines.

Chasing a moving target

North acknowledged that the industry is still responding reactively to threats, a position largely dictated by the nature of the risk. “Threat actors are constantly developing new schemes, new methods of attack. And the reality is they only have to get it right once,” she said. “Meanwhile, the good guys, or security controls, have to be 100% perfectly secure, otherwise, they're vulnerable. And that's a big ask.”

The market’s synthetic nature - cyber is not a natural catastrophe, but a manmade and constantly shifting risk – has, at least, allowed for unique mitigation strategies. “As an incident is in progress, there's a chance to potentially diminish the effects of certain attacks,” she said.

Related Stories

• Why this soft market could be the most dangerous yet for cyber insurance
• Cyber insurance at a crossroads as rates fall and growth slows