What's Happening?
The cyber insurance market in Europe has softened from its peak during the early 2020s ransomware wave, resulting in lower prices and more favorable terms for coverage. Ben Dyson, senior editor at S&P Global Market Intelligence, stated that a large or systemic loss would be required to harden the market again. This was discussed during a webinar on July 24, 2025, which focused on trends affecting the insurance and reinsurance sectors in Europe. Despite recent cyber attacks, such as the exploitation of zero-day vulnerabilities in Microsoft SharePoint and data breaches at UK retailers Marks and Spencer and Co-op, the market has not seen significant changes. The financial impact of these attacks was estimated between £270m to £440m, but they were not substantial enough to alter market conditions.
AD
Why It's Important?
The current state of the cyber insurance market is significant for businesses and insurers as it reflects broader trends in cybersecurity risk management. The soft market conditions present an opportunity for companies to purchase cyber insurance at favorable rates. However, the lack of a major claims event suggests that insurers may not face immediate pressure to adjust pricing or terms. This situation underscores the importance of risk management and cyber hygiene, particularly focusing on human factors such as training staff to counter phishing attempts and deep fakes. The emphasis on individual responsibility highlights the ongoing challenge of managing cybersecurity risks effectively.
What's Next?
While the market remains soft, insurers continue to focus on risk management, ensuring that companies maintain adequate cyber hygiene. The recent attacks have prompted some companies to consider purchasing cyber insurance, and brokers are promoting the current favorable conditions as a good time to buy. The global impact of the Microsoft SharePoint attacks, primarily affecting US government agencies, serves as a learning point for future risk assessments. Insurers may continue to emphasize the importance of training staff to mitigate human-related vulnerabilities in cybersecurity setups.
Beyond the Headlines
The softening of the cyber insurance market, despite recent attacks, highlights the complex interplay between market conditions and cybersecurity threats. The focus on human factors in risk management suggests a shift towards more comprehensive approaches to cybersecurity, integrating technology with human training and awareness. This development may lead to long-term changes in how companies and insurers approach cybersecurity, potentially influencing policy and industry standards.
