Rate predictions: Cyber Risk
|
Trend |
Range |
| Cyber risk |
 |
-5% to +5% |
Key takeaway
While market stabilization has continued through the first half of 2025, carriers are aiming for flat rates on all layers given rate decreases over the past 18 months. There continues to be intense competition between cyber markets looking to retain their renewals and meet aggressive growth goals.
We’re currently seeing flat primary and excess cyber renewals and capacity continues to be readily available.
- Premium stabilization has continued through the first quarter of 2025, which has led to slight premium increases to follow clients’ revenues and exposures. It’s possible that we could see more significant premium increases toward the end of the year, as litigation that incepted at the end of 2022 and 2023 concludes.
- Underwriting decisions are heavily influenced by the security controls a company has in place in conjunction with pricing and attachment points.
- Competition is strong among markets and certain risks may receive multiple quotes. Incumbents are eager to retain business.
- Increased limit factors (ILFs) have come down in excess placements due to intense competition, especially on large towers, where there have been significant premium decreases.
- Capacity is plentiful in the market, partially thanks to new facilities able to provide significant excess capacity with flexibility to be deployed anywhere on a program above the primary layer.
- We’re seeing carriers more willing to underwrite to the gray area between yes/no within the applications.
Although the fourth quarter of 2024 saw a significant decrease in median ransomware payments, other data suggests that we shouldn’t expect a drastic slow down.
- According to Coveware, while median ransom payments fell 45% between Q3 and Q4 of 2024, the average ransom payment rose 16% during the same period.
- According to Cyberint’s 2024 Annual Ransomware Report, in 2024, the ransomware landscape recorded 5,414 published attacks on organizations worldwide, representing an 11% increase compared to 2023.
- According to ThreatDown State of Malware Report 2025, the number of known ransomware attacks increased 13% in 2024, which included the largest ransomware payment ever by a victim (a Fortune 50 company) of $75 million.
Markets continue to grapple with how to address claims and losses stemming from wrongful collection, the use of artificial intelligence and new SEC rules.
- There are a wide variety of approaches to wrongful collection coverage, as markets assess how biometric information legislation, as well as chat bot and meta pixel litigation, increased exposure to certain organizations.
- A recognition of how organizations are using AI, the extent of the new risks associated with the technology and an examination of where coverage for these exposures lie continues to be a theme in 2025.
- As the SEC continues to expand its reach, there’s more focus lately on the convergence of cyber and D&O coverages.
Download the full cyber report below.
Disclaimer
WTW hopes you found the general information provided here informative and helpful. The information contained herein is not intended to constitute legal or other professional advice and should not be relied upon in lieu of consultation with your own legal advisors. In the event you would like more information regarding your insurance coverage, please do not hesitate to reach out to us. In North America, WTW offers insurance products through licensed entities, including Willis Towers Watson Northeast, Inc. (in the United States) and Willis Canada Inc. (in Canada).
