5 Cyber Insurance Market Trends for Employers to Watch in 2025

The cybersecurity and cyber insurance space remains an extremely dynamic market that is constantly changing in response to technological, financial, and political news. From an employer policyholder perspective, below are five ongoing trends that merit close attention.

1. Increased Scrutiny of Vendor Cyber Risk

Key Takeaway: Third-party cybersecurity weaknesses are a growing underwriting concern that can affect your ability to acquire coverage.

Insurers are demonstrating an increased interest in the security of entities in the supply chains of their clients. The downstream risks posed by vendors and other third-party entities that are integrated into client systems are under more scrutiny than was true in even the recent past. Businesses seeking coverage are expected to conduct due diligence on the cyber hygiene and security infrastructure of cloud providers, SaaS platforms, payment processors, and any other entities that are able to access sensitive information. Whenever possible, these vendors and contractors should be barred from direct access to internal company systems. This shifting attitude from underwriters means that organizations must not only secure their own networks, but also take an active role in ensuring that their suppliers and partners adhere to strong cybersecurity standards.

2. AI as Double-Edged Sword

Key Takeaway: Generative AI is simultaneously increasing the offensive capabilities of cybercriminals and the defensive capabilities of their targets.

At first blush, the advent of cheap, commercially available generative AI might seem like a godsend to those looking to infiltrate private-sector IT networks. AI is incredibly useful for automating attacks, augmenting coding abilities, crafting convincing phishing emails, mimicking the writing styles of specific employees, and generating deepfake voices. All of these capabilities have significantly lowered the barrier to entry for those looking to execute sophisticated hacking attacks and social engineering scams that once required a great deal of time, expertise, and talent. However, AI-powered security tools are also proving to be extremely useful in helping companies to proactively identify threats, detect anomalies and fraudulent activity, and increase the bandwidth of IT teams. In this arms race environment, businesses that are adept at leveraging AI to reduce their risk profile will be rewarded with lower premiums.

3. Stricter Underwriting & Compliance Expectations

Key Takeaway: The current cyber insurance cycle looks to be a seller’s market, with insurers becoming more choosy about which clients they will take on.

Insurers now conduct proactive cyber risk scans in order to identify vulnerabilities before issuing coverage, and may reject applicants who fail to meet baseline security expectations. Even for businesses that qualify, claims can be denied if they fail to follow security protocols, such as verifying wire transfers through documented procedures. In the present environment, businesses must demonstrate robust protections like multi-factor authentication (MFA), endpoint detection and response (EDR), and strong backup protocols to secure policies at reasonable rates. On the positive side, companies with strong cybersecurity controls are seeing premium discounts. However, those lagging behind are increasingly subjected to higher costs, diminished coverage, or outright denials.

4. Geopolitical Cyber Threats & State-Sponsored Attacks Are on the Rise

Key Takeaway: An increasingly tense geopolitical climate is fertile ground for more numerous and aggressive attacks on private-sector American companies by cybercriminals working for foreign governments.

Cyber risk from foreign actors is growing due to the continuing deterioration of global stability since Russia’s 2022 invasion of Ukraine, the return to a more hawkish American foreign policy under the new Presidential administration, and increasing anti-Western cooperation between the Chinese, Russian, Iranian, and North Korean governments. While critical U.S. government infrastructure, defense contractors, financial institutions, and prestigious Fortune 500 companies remain the top targets for foreign state actors, smaller and more obscure organizations are now on the menu as well. Insurers are becoming more hesitant to cover state-sponsored attacks, as attributing these breaches is difficult and often politically sensitive. In addition to this, the U.S. government now closely monitors ransomware payments through the Office of Foreign Assets Control (OFAC), meaning that businesses paying ransoms to cybercriminals linked to sanctioned entities could face legal consequences.

5. Cyber Risk Considerations in Mergers & Acquisitions

Key Takeaway: Cybersecurity risk has become a critical factor in mergers and acquisitions (M&A), as acquiring a company without assessing its cyber hygiene can lead to significant liability.

Insurers and regulators are placing increased scrutiny on how businesses evaluate the cybersecurity posture of potential acquisitions. Once an uncommon or optional part of M&A due diligence, ensuring that potential cyber risks are accounted for is now becoming a mandatory step before the finalization of any deal. Companies that fail to conduct thorough cybersecurity vetting risk inheriting unreported data breaches, outdated security systems, compliance issues, or other undesirable pathologies that could result in financial and reputational damage. Conversely, businesses with strong cybersecurity frameworks are seen as more attractive acquisition targets due to the perception of lower risk.

For more analysis on cybersecurity risk and other critical topics for employers, check out the 2025 Workforce Insights Guide. If you’re interested in customized guidance for your business, you can contact the OneDigital cyber team via our Property & Casualty solutions page.
