Cyber Trends Shaping Insurance Broker Strategies
    By Aaron Belair, President, Technology, North America
    Expertise
    July 16, 2025

    The full impact of 2024's large-scale cyber incidents — including the CDK, Change Healthcare, and CrowdStrike attacks — has yet to be realized. Globally, experts expect cyberattack costs to reach $10.5 trillion annually.

    Securing comprehensive cyber insurance coverage is one potential solution to protect your clients from increasingly volatile cybercrime. As these threats become more sophisticated, insurance brokers will be crucial in guiding clients toward tailored insurance solutions that address immediate financial losses and long-term recovery strategies.

    Are Your Clients in the Know?

    While these threats are widespread, many of your clients may be unaware of the fundamental warning signs. Cybercrimes evolve rapidly, often leaving businesses struggling to keep up with the latest threats. The most prevalent are:

    • Ransomware: Malicious software that targets a victim's files or system, demanding payment for their release.
    • Phishing: Cyberattacks where scammers con individuals into providing sensitive information, like passwords or financial details.
    • Social engineering: Manipulation techniques that exploit human psychology to convince users to provide confidential information or perform actions that compromise security.
    • Data breaches: When unauthorized users breach sensitive, confidential, or protected data, often leading to data theft, exposure, or misuse.

    Worse, attackers are incorporating AI to automate and amplify these threats.

    While governments worldwide enact stricter data privacy and security laws, compliance is becoming more complex. Help clients navigate threats and ensure their cyber insurance policies align with relevant regulatory requirements.

    Prioritizing Cyber Insurance

    Help your clients manage cyber risks by working with cyber insurance underwriting experts who can provide coverage tailored to your clients’ business needs. A well-structured cyber insurance policy can protect against various risks, including cyberattacks, business interruption losses, and regulatory fines.

    However, these policies may contain exclusions or sub-limits for certain risks, such as social engineering. Make sure clients understand these nuances and implement additional risk management measures where necessary.

    Compliance with Cyber Regulations

    Cyber regulations vary significantly depending on location. Businesses can align their insurance policies with relevant legal requirements. Companies operating in multiple jurisdictions must understand compliance obligations under regulations, for instance:

    Some cyber insurance policies offer coverage for legal costs and fines associated with non-compliance. Consider advising clients to have proper protection in place to prevent costly financial and reputational damage.

    Incident Response & Business Continuity Planning

    Even with strong cyber insurance coverage, a robust incident response and continuity plan can be beneficial. Work with clients to establish clear protocols for handling cyber incidents, including:

    • Developing a communication strategy for affected stakeholders.
    • Coordinating with insurers and forensic investigators.
    • Notifying customers and regulatory bodies when necessary.
    • Understanding the claims process to ensure swift action in the event of an attack.

    Preparation is key. Make sure clients are ready to act decisively should a cyber incident occur.

    Cyber Risk Mitigation Best Practices

    You can effectively reduce risk exposure by implementing robust cybersecurity practices. The following risk control measures can help strengthen businesses’ cybersecurity posture:

    • Regular cyber risk assessments to identify vulnerabilities and implement risk mitigation strategies.
    • Security awareness training for employees to recognize phishing and other cyber threats.
    • Secure, encrypted off-site backups to safeguard critical data.
    • Multi-Factor Authentication (MFA) for enhanced access security.
    • Automated software updates and patch management to address bugs and vulnerabilities.
    • Endpoint Detection and Response (EDR) for continuous threat monitoring.
    • Thorough vetting of third-party vendors to minimize supply chain risks.

    Knowledge is Power

    Supporting clients involves a holistic approach to risk management, compliance, and proactive cybersecurity measures. Staying informed about cyber threats, regulatory requirements, and best practices allows you to help your clients with cyber insurance complexities and build stronger resilience against potential threats.

    To download the full report and learn about the other trends shaping brokers strategies in 2025, click here.

     

    This newsletter is provided for general informational purposes only and does not constitute and is not intended to take the place of legal or risk management advice. Readers should consult their own counsel or other representatives for any such advice. Any and all third-party websites or sources referred to herein are for informational purposes only and are not affiliated with or endorsed by Intact Insurance Group USA LLC (“Intact”). Intact hereby disclaims any and all liability arising out of the information contained herein.