What's Happening?
As of the second quarter of 2026, cyber-enabled fraud has emerged as the primary cyber risk for C-suite executives, surpassing ransomware. This shift is highlighted in the World Economic Forum's Global Cybersecurity Outlook 2026 report, which indicates
that fraud and phishing are now the top concerns for CEOs, particularly in organizations with less developed cybersecurity resilience. The report reveals that 73% of surveyed executives experienced or knew someone affected by cyber-enabled fraud in 2025. Despite this, chief information security officers (CISOs) still view ransomware as their main concern. The rise in cyber-enabled fraud, often executed through social engineering techniques like business email compromise (BEC), has led to significant financial losses, with the FBI reporting over $17 billion in losses in recent years. This trend is prompting a reevaluation of cyber insurance policies, as many do not fully cover fraud-related losses, often requiring additional crime insurance coverage.
Why It's Important?
The increasing prevalence of cyber-enabled fraud poses significant challenges for businesses and the insurance industry. As fraud becomes a more prominent threat, companies must reassess their cybersecurity strategies and insurance coverage to mitigate potential losses. The shift in focus from ransomware to fraud highlights the evolving nature of cyber threats and the need for adaptive risk management strategies. For the insurance industry, this trend necessitates a reevaluation of policy offerings to ensure adequate coverage for fraud-related incidents. Businesses that fail to address these risks may face substantial financial losses, while insurers must balance the need for comprehensive coverage with the financial implications of increased claims. The growing sophistication of cybercriminals, aided by advancements in artificial intelligence, further complicates the landscape, making it imperative for companies to stay ahead of emerging threats.
What's Next?
As cyber-enabled fraud continues to rise, businesses are likely to invest more in cybersecurity measures and employee training to prevent such incidents. Insurance companies may need to develop new products or adjust existing policies to better cover fraud-related losses, potentially leading to higher premiums or more stringent underwriting processes. Additionally, the integration of artificial intelligence in cyberattacks could prompt regulatory bodies to implement stricter cybersecurity standards and guidelines. Companies will need to collaborate with insurers and cybersecurity experts to develop comprehensive risk management strategies that address the evolving threat landscape. The ongoing dialogue between businesses, insurers, and regulators will be crucial in shaping the future of cyber insurance and ensuring that coverage keeps pace with the changing nature of cyber threats.
