Offering a simple yet broad coverage, C360 provides full protection for an unlimited number of claims on an any one claim (AOC) basis up to the full policy limit throughout the policy period.

This is crucial as small businesses are increasingly targeted due to their role in supply chains, the use of artificial intelligence (AI) by threat actors, and the expanding reliance on third-party vendors.

The product also covers events such as data theft, disruption to business operations, and impacts from critical service provider outages.

Furthermore, C360 provides support for security breaches, offering policyholders access to Brit’s 24/7 emergency hotline, a suit of forensics and data restoration services, with zero retention.

Jon Sullivan, Chief Underwriting Officer at Brit said: “We are pleased to announce the launch of C360. This is another example of Brit’s innovative cyber offering for small businesses, which is a key market segment for us.

“Small businesses are now at a greater risk of being targeted by threat actors, often due to their valuable roles in larger business supply chains. C360 provides the robust yet accessible protection they need to safeguard against a broad spectrum of cyber risks.”

Adelle Gruber, Class Underwriter, Cyber at Brit added: “All businesses are reliant on data and technology to efficiently operate, and SMEs are no different. With a growing number of threat actors finding ways to infiltrate firms’ operations, it is essential the insurance industry responds with readily available and appropriate coverage.

“With over two decades of experience in helping navigate cyber risk, we understand the unique challenges faced by businesses of all sizes and are delighted to make this latest solution available.”

The post SMEs to benefit from Brit’s new cyber product appeared first on ReinsuranceNe.ws.

With this in mind, the rating agency said there is a heightened risk of severe cyberattacks during or following the military action, as has been observed in previous geopolitical conflicts.

“To date, there have been no public reports of large insured cyber-related losses directly attributable to the Middle East war. Most incidents appear to have disrupted services or systems without generating significant insured losses,” S&P explained.

However, the rating agency noted that while the war’s impact on insurers’ cyber portfolios currently appears limited, the situation remains fluid and could escalate further, particularly once the physical conflict subsides.

S&P continued, “An escalation of malicious cyberactivity into larger, coordinated, state-linked attacks could severely test underwriting models, raise accumulation risk, and spark legal disputes over coverage.

“That said, insurers have been refining their cyber policy wording over the past few years, particularly around war-related exclusions and state-sponsored cyber activity, in order to clarify the coverage boundaries.

“At the same time, underwriting frameworks increasingly incorporate cyber-risk analytics, threat intelligence, and geopolitical risk assessments to better understand systemic exposure.”

The rating agency also highlighted the significant cyber insurance protection gap, noting that many companies remain uninsured or underinsured against cyber risks despite increasing digital dependence.

“Rising geopolitical tensions and growing awareness of cyberattacks could further increase the demand for cyber insurance. Alongside traditional insurance solutions, alternative risk-transfer mechanisms and public-private partnerships may play an important role in gradually narrowing the protection gap,” S&P added.

S&P Global Ratings credit analyst Manuel Adam continued, “Our focus remains on insurers’ risk management practices, portfolio diversification, and operational resilience.

“Overall, the Middle East war highlights the growing interconnection between cyber risk, geopolitics, and insurance, reinforcing the importance of clear policy language, prudent underwriting, and robust operational safeguards to maintain portfolio resilience.”

The post Heightened risk of severe cyberattacks amid Middle East conflict: S&P appeared first on ReinsuranceNe.ws.

BreachRx is the first platform built to run cyber incident response as a governed, enterprise‑wide business process.

The contractually backed financial safeguard aims to protect CISOs, CEOs, General Counsel, and other organisational leaders from personal liability stemming from cybersecurity incidents.

Available from 2nd April 2026, the BreachRx CIRM Warranty includes tiered limits aligned to BreachRx product plans. It offers up to $3 million in coverage for regulatory defence costs, fines and penalties, and negligence-related claims tied to incidents handled through the BreachRx platform.

The BreachRx CIRM solution transforms incident response from ad hoc coordination into a governed, cross-functional operating system spanning security, legal, privacy, communications, IT, and executive leadership—now supported by a contractual financial warranty.

Anderson Lunsford, Co-Founder & CEO of BreachRx, said, “Cyber leaders are no longer judged on containment speed—they are judged on proof. This means proof they were prepared, followed a sound and repeatable process, and took the right actions at the right time.

“By combining our CIRM solution with a real financial backstop, we’re giving CISOs and C-level executives something fundamentally new: a defensible system of record and personal protection at the moment scrutiny is highest.”

Unlike traditional cyber insurance, which often involves large retentions and executive coverage gaps, the BreachRx CIRM Warranty applies from the first dollar of eligible costs arising from incidents managed through the BreachRx CIRM solution. It is designed to complement cyber and D&O programmes, helping to fill structural gaps where CISOs and other leaders may not be fully covered.

When customers manage incidents through BreachRx, the resulting audit trails, deadline tracking, and regulatory alignment make them eligible for warranty-backed coverage that absorbs expenses which might otherwise fall entirely on the company and its leadership.

James Beeson, former CISO of a Fortune 20 insurer, said, “One of the biggest fears when a breach happens under a CISO’s watch is what the impact will be for the company and what the impact to them personally will be afterwards.

“BreachRx helps strengthen security playbooks, workflows, and defensible documentation across legal, security, communications, and executive stakeholders. Knowing those same processes can unlock up to $3 million in financial protection can change the conversation with the board and give teams an additional level of personal assurance.”

The post BreachRx launches cyber incident response management warranty with $3m in coverage appeared first on ReinsuranceNe.ws.

According to the global reinsurance broking and advisory firm’s new white paper, “Cyber and Property Combined Covers: Buying the Tail More Efficiently,” the cyber insurance market has doubled in size globally, with gross written premiums rising from $8 billion in 2020 to $16 billion today.

This rapid expansion is driving growing demand from insurers seeking more efficient ways to protect against extreme cyber tail events.

Gallagher Re noted, “We have long identified cyber risk as a potential driver of volatility for re/insurers, and hence of their capital levels.”

The firm added, “In other words, if there were a large-scale cyber catastrophe, it could impact re/insurance balance sheets in a similar way as an unexpectedly severe natural disaster — albeit the quantum of losses would likely be much smaller.”

Insurers are reportedly well aware of these risks, and Gallagher Re expects demand for cyber excess of loss (XL) tail protection to grow materially in the coming years.

As evidence of this trend, the firm’s white paper highlighted a recent market milestone, stating, “As an illustration, at the 1.1.26 renewal we saw — for the first time — the purchase of a $1bn Cyber XL tower.”

The white paper raised a strategic question for the market whether cyber tail protection should continue to be purchased as a standalone solution or integrated with other tail covers within combined reinsurance structures.

Gallagher Re added, “The reinsurance market has been willing and able to provide cyber XL coverage, particularly in an environment of excess capacity. We have seen significant growth in the amount of limit available, while at the same time prices have continued to fall.”

“Nevertheless, for tail risks, reinsurers continue to charge a disproportionately high multiple of expected losses (EL), and minimum rates-on-line remain stubborn in the standalone cyber market to allow for the inherent tail uncertainty.”

“As brokers, we have been keen to find ways that our clients can buy cyber tail risk protection more efficiently by combining it with uncorrelated risks. We have developed a structure that combines cyber with property cat in a shared-limit XL layer, which can secure capacity at a meaningfully lower rate-on-line than could be achieved by buying either on a standalone basis.”

According to Gallagher Re, its analysis shows that combining cyber tail risk with property catastrophe risk in shared-limit structures can result in materially lower pricing.

This is achieved through reduced capital requirements, diversification benefits, and lower risk loads.

The firm also highlighted the growing role of insurance-linked securities (ILS) and cyber catastrophe bond markets in diversifying the capital base and supporting rising demand for cyber tail protection.

Ian Newman, Global Head of Cyber at Gallagher Re, commented: “As the cyber insurance market continues to grow, insurers are facing increasing challenges in managing their exposure to extreme tail risks.”

He added, “By leveraging diversification benefits and exploring opportunities in the ILS market, we can help our clients navigate this evolving landscape and build resilience for the future.”

The post Property-cyber blended structures emerge as solution to costly tail risk: Gallagher Re appeared first on ReinsuranceNe.ws.

A new blog, authored by William Altman, CyberCube’s Director of Cyber Threat Intelligence Services, observed that the United States and Israel’s military strikes against Iran have increased the odds of retaliatory activity in cyberspace.

“To date, there has been no confirmed specific counter-cyberattack by Iran or affiliated groups that directly ties back to the operation. However, security community commentary has warned that Iran-aligned actors could carry out cyber operations, including ransomware, against U.S. or allied targets in retaliation,” CyberCube’s blog explained.

With this in mind, the firm has analysed a portfolio of roughly 1,000 large U.S. companies, classifying them into risk tiers based on their exposure to APT33, MuddyWater, and Fox Kitten, three prominent Iranian state-aligned cyber groups known to target U.S. enterprises and critical infrastructure.

CyberCube said that its analysis was conducted through Portfolio Threat Actor Intelligence (PTI), which harnesses AI to map the behaviour of cyber threat actors and the technologies they most frequently target.

PTI identified 12% of large-sized U.S. firms with revenues over $1 billion across seven critical industries, Banking, Financials, Energy & Utilities, Oil & Gas, Healthcare, Telecommunications, and the Public sector, as facing the highest likelihood of being targeted by Iranian cyber threat actors.

Among them are 28 U.S. health organisations and 13 U.S. energy and utilities companies.

CyberCube has thus urged cyber insurance carriers to leverage threat-intelligence-informed analytics to better understand the risks posed by Iranian cyber threat actors.

The firm said insurers should use threat intelligence tools, such as its PTI solution, to identify portfolio companies that should be prioritised for action during ongoing campaigns and to focus outreach to insureds on targeted security improvements aligned with relevant threat actors’ tradecraft.

It also recommended incorporating the highest-risk entities into threat-aligned portfolio tiering and stress-testing exercises to help quantify potential losses during sustained cyber campaigns.

“With the right solutions and proactive threat intelligence, cyber insurers can take decisive steps to strengthen portfolio resilience, protect clients, and reduce the risk of loss,” CyberCube concluded.

William Altman commented, “Insurance carriers should anchor expectations in Iran’s observed cyber playbook. U.S. government guidance has repeatedly warned that Iranian government-affiliated cyber threat actors target poorly secured networks and internet-connected devices, and that heightened vigilance is warranted for U.S. critical infrastructure and entities of interest.”

The post CyberCube flags elevated cyber risk from Iran following US-Israel strikes appeared first on ReinsuranceNe.ws.

As part of this collaboration, UIB will adopt CyberCube’s Broking Manager and Prep Module to enhance the analytical capabilities of its global cyber practice.

UIB selected CyberCube for its advanced risk quantification tools, which offer a consistent and data-driven view of cyber exposures.

These technological insights are key to enhancing UIB’s client advisory services, clearly communicating risk to carriers, and optimising placement strategies throughout its global network.

Furthermore, the integration of these tools with the Prep Module will streamline the submission process and improve how risks are presented in the increasingly competitive cyber insurance market.

Dimaggio Rigby, Head of Cyber at UIB, said: “The cyber landscape is evolving at pace, and clients increasingly expect brokers to provide clear, quantitative insights. With CyberCube’s platform, we can enhance the sophistication of our analytics, improve the clarity of our engagement with carriers, and support clients more effectively as cyber continues to grow globally.”

According to the announcement, UIB’s partnership with CyberCube significantly advances its global and long-term growth strategy, especially in LATAM and Asia, where demand for advanced cyber solutions is increasing.

UIB’s established presence, ongoing investment, and expanded specialist teams in these regions enable the group to deliver enhanced cyber expertise to emerging and evolving markets.

Julian Ball, Co-Head North America, UIBL, and Managing Director, Head of Specialty Lines Division, commented: “Integrating advanced cyber analytics strengthens our specialty lines proposition and supports our sustained growth in North America and beyond. CyberCube’s capabilities enable us to clearly articulate risks and ensure they are positioned effectively across international markets.”

Nate Brink, Head of Broker Sales & Account Management at CyberCube, added: “UIB is a leader in managing complex risks, and we are thrilled to support its global expansion. By leveraging CyberCube’s bespoke solutions, UIB can now bridge the data gap in rapidly evolving markets across LATAM, Europe, and Asia, providing the sophisticated, localized cyber guidance their clients require.”

The post UIB to strengthen cyber insurance capabilities with CyberCube partnership appeared first on ReinsuranceNe.ws.

During the 12 months ending August, organisations experienced a 129% increase in ‘nationally significant’ cyber security incidents, according to the National Cyber Security Centre(NCSC).

Despite this, the Cyber insurance market continues to provide favourable conditions for clients, with premiums across the Lockton portfolio dropping by an average of 11% in 2025, and carriers increasingly willing to cover new exposures.

“This combination – of broader coverage alongside continued price competitiveness – comes despite 2025 witnessing some of the most consequential cyber incidents in recent history, with several major ransomware attacks significantly impacting company earnings,” Lockton explains.

Adding: “It was also arguably the first time in which a cyber event had a direct, substantial impact on UK consumers, helping to elevate public awareness of cyber security to an unprecedented level.”

The first half of 2025 saw more pronounced rate reductions, and the decrease was more gradual in the latter half. Lockton expects this downward trend to continue, with further reductions through the first half of 2026.

Aggressive growth targets continue to fuel appetite, with new MGAs, a new syndicate, and insurers deploying more net capacity.

Insurers continue to differentiate themselves with broader and more tailored coverage solutions. Notable recent coverage improvements include: any-one-claim coverage, customer business interruption, and reinstatements.

In 2025, Lockton’s portfolio claim notifications rose approximately 20%, most of them being for data breaches. Most of these are likely to be extremely severe once litigation has concluded and liability is established.

Notably, although ransomware attacks accounted for only 16% of notifications, they represented approximately 75% of total insurer payouts.

According to the report, despite lower frequency, ransomware impact has intensified. Sophisticated actors like Scattered Spider have pushed recovery timelines from weeks to months.

Also, attackers continue to favour unpatched vulnerabilities and phishing – targeting both employees and managed service providers (MSPs) – over infiltration techniques.

Major insurers in the market have indicated that claims from the 2023 and 2024 underwriting years, which are still developing, are trending significantly higher than anticipated.

There is growing concern across the market that these years may ultimately prove unprofitable as claims continue to develop.

Carlo Ramadoro, Head of Cyber and Technology at Lockton, stated: “Cyber insurance continues to favour buyers in 2025 and 2026, unlike at the turn of the decade when sharp price increases saw rates double overnight.

“Choice and competition mean premiums remain historically competitive, even as incidents rise, coverage diversifies, and large cyber events become increasingly frequent and severe.”

He warned, “But this stability may not last. Historic claims, especially in the US, could challenge the market as losses from earlier years in 2023 and 2024 accumulate. This could put pressure on insurer profitability and raise the risk of renewed pricing swings in 2027. However, any correction is unlikely to be as severe as in 2020.

“Now remains an opportune time to purchase Cyber Insurance. First-time buyers should be able to negotiate strong terms and conditions, and for existing buyers, it is a sensible moment to review and stress-test limits of liability.”

The post Cyber insurance rates decline despite surge in claims: Lockton appeared first on ReinsuranceNe.ws.

Millaire has led CyberCube since its creation and steps down as CEO with the company well positioned to deliver on its goals.

Methven joined the firm in 2020 as Chief Growth Officer, and brings extensive knowledge of the business and culture, as well as a strong understanding of CyberCube’s products, clients, and long-term ambitions to the CEO role.

Before CyberCube, Methven served as Chief Revenue Officer for supply chain risk analytics firm, Achilles.

“I’m honoured to be taking on the role of CEO at such an exciting time for the business. I have spent the last six years working directly with our clients and the wider market. I’m very much looking forward to leading the next phase of the company’s growth and development, building on the strong foundations already in place,” said Methven.

“Chris is a proven leader who deeply understands our business and the criticality of the analytics that we provide to our insurance clients. I have full confidence that under Chris’s leadership, CyberCube will expand its market leadership position as the pre-eminent provider of cyber risk analytics to the global insurance industry,” commented Millaire.

Scott G. Stephenson, Chair of CyberCube’s Board of Directors, added: “I am delighted to welcome Chris as our new CEO. He has a proven track record of success as Chief Growth Officer at CyberCube. Having worked closely with Chris for a number of years, I know what a committed, dynamic, and inspirational leader he is. His deep knowledge of the business means this transition will be seamless for both our people and our clients.

“I would also like to take this opportunity to thank Pascal for his hard work and dedication. He has guided the business to a position of real strength, providing the platform for future growth. We are pleased that Pascal will continue to support the company in a senior advisory capacity.”

The appointment of a new CEO comes just months after CyberCube secured a sizeable investment of over $180 million from a new cornerstone investor, Spectrum Equity.

Currently, the company is a trusted partner to over 130 clients across the cyber insurance and reinsurance value chain and beyond. The firm reveals that its solutions are utilised by 75% of the top 40 US and European cyber insurers, by gross written premiums, and the majority of the top 20 global brokers.

The post Chris Methven takes over as CyberCube CEO appeared first on ReinsuranceNe.ws.

The report highlighted that as cyber incidents rise across industry sectors and countries, new regulations aimed at promoting greater cyber resilience are emerging, bringing additional fines and penalties for companies, executives, and board members who fail to ensure compliance.

The regulatory perimeter for cyber fines has expanded sharply. The EU, for example, has introduced major frameworks such as DORA (the Digital Operational Resilience Act) and the NIS2 Directive (Network and Information Security), while the UK recently published the Cyber Security and Resilience Bill. As a result of these new rules, enforcement has become more assertive, technical, and multi-layered, making the insurability of fines and penalties uncertain.

The report found that many jurisdictions restrict or prohibit insurance for criminal or punitive administrative fines on public policy grounds. Many penalties are only insurable to the extent permitted by law, leaving organisations potentially liable for regulatory fines even if they hold cyber insurance.

Meanwhile, defence, investigation, breach notification, business interruption, and remediation costs are more consistently covered, highlighting a growing gap between regulatory risk and insurable protection.

Findings show that non-monetary penalties can be as disruptive as fines. These measures can include orders to cease processing, undergo audits, suspend operations, or revoke licences.

In addition, boards and senior management face heightened accountability, with new regulatory regimes raising expectations around proper oversight, investment, and preparedness in risk mitigation.

Pablo Constenla, head of coverage and claims for cyber and financial lines at Aon in EMEA, said, “The regulatory landscape for cyber is evolving rapidly, with regulators taking a much more hands-on approach to enforcement, from testing technical controls to imposing penalties – which could also boost third party liability. Businesses need to understand how fines and penalties are treated across jurisdictions and ensure that their governance, reporting and compliance frameworks are robust enough to withstand scrutiny.”

David Molony, head of cyber solutions EMEA at Aon, added, “Cyber risk is not just about the likelihood of an attack or data breach, businesses should also consider the financial and reputational impact of regulatory consequences. Organisations that integrate incident response planning with risk oversight and cross-functional coordination are better positioned to absorb shocks and to maintain operational resilience amid an increasingly complex environment.”

The post Cyber-related fines reveal widening gap between regulatory risk & insurable protection: Aon appeared first on ReinsuranceNe.ws.

Bringing nearly two decades of re/insurance experience to his new position, joining TMK from Guy Carpenter, where he most recently served as Senior Vice President. Prior to this he also held positions at Canopius and Willis Re.

Alongside his wealth of experience, Sitki has a particular expertise in developing cyber solutions for businesses across the Middle East and Africa.

He will be reporting to Cesar Silvestre, Head of Cyber Reinsurance Solutions, who commented: “We’re delighted to welcome Ben to the team. His extensive cyber experience, and proven ability to build client relationships and develop new markets, makes him an excellent addition as we continue to grow our cyber reinsurance capabilities.

“Ben’s deep understanding of emerging market dynamics and requirements will be invaluable as we expand our offering to meet the evolving needs of our clients globally.”

Sitki’s appointment follows the launch of TMK’s cyber reinsurance offering in November, with Silvestre joining to lead the department, and builds on the introduction of its flagship cyber insurance product TMK Cyber Ctrl and its market-first product Enterprise Ctrl.

The post TMK grows cyber reinsurance solutions team with new hire appeared first on ReinsuranceNe.ws.