’These significant financial implications affect businesses across all sectors and of all sizes, but some are more heavily targeted than others,’ says UK underwriting director 

As businesses across the world become increasingly digitalised, the risks associated with cyber attacks grow. 

Alongside this growth, the opportunity for insurers to provide cyber insurance has also appeared – with this particular line now one of the fastest growing in the whole industry. 

A Swiss Re report, published in August 2023, noted that the global cyber insurance market tripled in volume across the previous five years and generated gross written premiums of £10.2bn ($13bn) in 2022.

And by 2025, the reinsurer predicted that the global market would grow to £18.1bn ($23bn). 

However, the risks of cyber attacks and the financial damage they can cause are not equal for all businesses. According to IT support-provider AAG’s latest cyber crime data, published this month (February 2024), while 32% of UK businesses reported suffering a cyber attack or breach in 2023, this rose to 59% for medium-sized businesses and 69% for large businesses.

Large businesses are better prepared to tackle the risks of cyber attacks based on their capabilities, leaving medium-sized firms as an opportunity for the insurance industry to demonstrate its value. 

Claud Bilbao, UK underwriting director at cyber insurance provider Cowbell, tells Insurance Times: ”Size has a real bearing on the potential risk a business faces. As businesses embrace technological advancements to enhance efficiency and foster growth, they are becoming increasingly interconnected, linking numerous endpoints across their operations.

”But this interconnectedness, while offering unprecedented opportunities, also exposes businesses to significant and elevated cyber risks – with more endpoints come heightened vulnerabilities, as each device represents a potential entry point for malicious actors.”

Sophisticated attacks

Bilbao explains that the increased complexity of systems creates potential security gaps that cyber criminals can exploit, with reliance on third parties and an IT supply chain adding further potential attack vectors.

He says: “Despite having more resources and availability of expertise at their disposal than smaller businesses, mid-market companies have certainly not been immune to the significant rise in cyber attacks being witnessed all over the UK. 

“While the nature of these cyber attacks remains similar, it is the way in which adversaries exploit these enterprises that tends to differ – [in the mid-market], we are seeing highly sophisticated, targeted attacks that often result in the victim being socially engineered in some way, leading to severe damage and significant financial loss.” 

Social engineering refers to a type of attack in which victims are manipulated to reveal information, often via impersonation or scam tactics. 

Claud Bilbao Cowbell

Claud Bilbao

Bilbao continues: ”For the average mid-market business, the majority of cyber insurance claims revolve around ransomware incidents, which typically involve systems being locked out and attackers demanding ransom payments for decryption keys.

“We’re also seeing mid-market firms increasingly falling victim to double ransomware attacks, where attackers not only lock systems, but also steal sensitive data to extort additional payments.” 

Despite this increased risk, Biblao explains that the penetration rate for purchasing cyber insurance in the UK remains low.

The product remains complex and can require highly specific technology and a tailored approach from brokers to continuously conduct risk management and assesment. 

“Most brokers are aware that cyber security is not a one size fits all approach,” says Bilbao.

“The bigger the organisation gets, the more complex the tech infrastructure and supply chain.

Specialised cyber insurance providers offer tailored solutions that leverage proprietary technoloy, internal threat intelligence teams and risk engineering services to provide real-time insights, identify critical vulnreabilities and support clients in mitigating cyber risks.” 


In terms of what brokers can do to support their clients, Bilbao recommends that they remain informed of “evolving risk landscape”. 

“Only be staying abreast of emerging cyber threats and industry best practices can brokers provide informed guidance to clients,” he says. 

“The uptake of cyber insurance for mid-market businesses may be increasing – driven by a a growing awareness of cyber risk and the potential impact of cyber incidents – but barriers to adoption still exist. 

“Responsibility for cyber security should extend from the IT department, reaching all the way up to the risk committee to include chief risk officers and even the chief executive – and brokers’ role to play in this should not be underestimated.”