The cyber insurance market continues to evolve in 2025, shaped by the rapid rise of AI, increasing regulatory pressures, and the ripple effects of third-party vulnerabilities. At M3, our cyber team works alongside carriers, clients, and partners like Arctic Wolf to monitor these shifts and translate them into actionable insights for your organization.

Here’s what we’re seeing across today’s threat landscape, market conditions, and emerging risks, and what it means for your strategy heading into 2026.


Artificial intelligence has revolutionized the business landscape around the world, but it has also created new opportunities for threat actors to create targeted phishing emails and deepfakes. In particular, there is ample opportunity for threat actors to create targeted deepfake voice recordings using publicly available audio. M3 has only seen one deepfake claim thus far, but these types of attacks are expected to increase in frequency and complexity as AI tools proliferate and become more sophisticated.

What it means: AI-enabled attacks are changing how organizations think about trust and authentication. Employee training, layered security, and strong vendor oversight are more critical than ever.

Rates have declined globally (7% in Q2 2025; 3% in the U.S.), but the market is beginning to show signs of stabilizing, particularly stateside. Most cyber insurance renewals are landing flat or within a few points up or down. Certain industries, like healthcare, manufacturing, and financial services, may still see some increases due to higher claims activity or past heavy discounts.

This isn’t a full market hardening, though. What we’re really seeing is carriers being more selective: moving away from accounts they don’t want to keep and adjusting rates where they feel coverage has been underpriced. In the long run, that kind of discipline helps keep the market stable.

On the flip side, capacity is strong. Carriers are offering higher limits than before, and with more players in the space, competition remains healthy. Heading into 2026, the buyer’s market is predicted to continue. Cyber reinsurance remains favorable for buyers, which means it’s a great time to enter the market or consider increasing limits. To stand out, many carriers are adding new coverage enhancements and even bundling in value-added services like managed detection and response (MDR). These extras not only help carriers stay competitive but also give policyholders more tools to manage their risk.

  • Carriers now use applications and scanning technology for a more accurate, holistic view of risk.
  • This leads to fairer underwriting and greater pricing stability.
  • Many carriers also provide free risk management tools, from phishing simulations to tabletop exercises.

Ransomware remains the biggest driver: 44% of incident response (IR) cases during the reporting period pertained to ransomware, indicating just how prevalent such incidents are among victimized organizations.

Ransomware and business email compromise are the most common types of loss, accounting for 55% of losses in 2024. Ransomware losses are typically more expensive, averaging $631,000, while business email compromise losses averaged $98,000. Anecdotally, the M3 cyber claims team has seen a high frequency of business email compromise claims in 2025, often coupled with financial fraud. The threat actor uses the compromised email inbox to send fraudulent invoices to the accounts payable department within the victim’s company or to customers, often piggybacking off a legitimate invoice.


Third-party claims.

A growing share of today’s breaches originate from vendors and other third parties, creating ripple effects that can impact thousands of organizations and millions of users. In 2024, 32% of the breaches handled by Experian were linked to third- or fourth-party incidents. The fallout can be severe, as seen in the Change Healthcare disruption, which halted claims processing across the healthcare sector. Similarly, the MOVEit vulnerability led to widespread data exfiltration by the threat actor CL0P, underscoring the costly and far-reaching nature of supply chain cyber risk.

Privacy litigation.

A troubling trend over the past few years is the rise in class action litigation stemming from data privacy incidents such as ransomware attacks, business email compromises, and third-party breaches. These lawsuits are now affecting smaller organizations as well, with class sizes shrinking to just a few hundred individuals in some cases.

To help prevent business email compromise (BEC) incidents, ensure multi-factor authentication (MFA) is enabled on all email accounts and establish a callback procedure to verify any funds transfer requests.

Contracts remain your strongest tool for preventing and mitigating third-party incidents. Include language that requires vendors to:

  • Notify you of cyber incidents within a defined timeframe,
  • Maintain cyber insurance, and
  • Provide indemnification for costs incurred due to a vendor-related event.

It’s also important to understand what due diligence your vendors conduct on their own partners to limit fourth- and nth-party risk.

While privacy litigation can be difficult to prevent, having a well-tested incident response plan can help reduce potential damages by enabling a faster, more effective response.


Yes, the cyber landscape is complex, and it’s changing fast. That’s why M3 stays at the forefront: helping your organization turn uncertainty into clarity, and risk into resilience. Connect with your M3 Client Executive today to learn more.
