Cyber Risks & Liabilities Newsletter
Posted February 25, 2026
The cyber insurance market has become increasingly stable in recent years following a period of volatility and challenging underwriting conditions. From 2022 to 2024, average rate increases steadily declined, eventually flattening. By 2025, expanded carrier capacity, stronger retention strategies and rising competition from new entrants created a more favorable environment for buyers. Most organizations experienced flat premiums or modest single‑digit decreases, with average rates dipping by around 2% and some low‑risk accounts achieving double‑digit reductions.
This improvement is largely tied to stricter underwriting standards and enhanced cyber hygiene among insureds, which helped stabilize loss ratios despite the ongoing rise in cyberattack severity. Some insurers have begun offering broader coverage, higher limits and lower retentions to organizations that demonstrate strong cybersecurity controls.
While continued softening is expected into 2026, emerging trends—such as the growth of AI‑driven attacks, business email compromise (BEC) schemes and sophisticated phishing campaigns—could disrupt the market. Insurers remain cautious, prioritizing underwriting discipline and closely scrutinizing high‑risk accounts to maintain profitability.
Looking ahead, policyholders may see ongoing pricing stability as long as catastrophic cyber losses remain limited. However, the threat of a major systemic event, such as a large third‑party breach affecting multiple organizations, could quickly reverse current conditions. Insurers are also increasing segmentation between high‑ and low‑risk accounts, rewarding strong cybersecurity practices with favorable pricing and terms. Basic controls such as multifactor authentication (MFA), endpoint detection and response (EDR), reliable data backups, tested incident response plans and regular employee training are becoming essential for securing competitive coverage.
Combating Tech Support and Help Desk Scams
Cybercriminals continue to rely on social engineering, including tech support and help desk impersonation scams, to gain unauthorized access to networks. In tech support scams, attackers use pop‑ups, ads, emails or calls to convince employees that a device issue requires immediate attention, then direct them to fake support lines posing as trusted vendors. Once connected, scammers may install malware, steal data, solicit payments or enroll victims in fraudulent service contracts.
Help desk scams involve criminals impersonating internal IT staff through phone calls, texts, emails or collaboration messages. Using urgent language, they claim that login credentials must be reset or that there is a critical IT issue, pressuring employees into granting access or sharing sensitive information.
Organizations can help prevent these scams by:
- Training employees to recognize social engineering red flags and ask questions when something feels suspicious.
- Establishing secure communication protocols for IT interactions and instructing employees to disregard unsolicited messages.
- Using technical safeguards, such as up‑to‑date security software, pop‑up blockers and email filtering tools.
Effective training and robust controls significantly reduce the risk and potential fallout of these scams.
Navigating Increasing BEC Risks
Business email compromise remains one of the most financially damaging forms of cyber fraud. These schemes typically involve attackers spoofing executives or business partners to trick employees into transferring funds or sharing sensitive information. Since 2022, the FBI’s Internet Crime Complaint Center has reported over 20,000 BEC complaints and more than $2.7 billion in annual losses.
As BEC threats grow, many cyber insurers are tightening sublimits for social engineering losses and requiring stronger preventive measures. These may include enhanced email authentication tools, advanced EDR solutions, MFA, stricter access controls and multi‑step verification procedures for wire transfers. Some insurers now request detailed documentation—such as vendor payment workflows or bank‑callback evidence—before approving higher coverage limits.
Given these trends, organizations should routinely evaluate their BEC risks and adjust their controls accordingly to reduce exposure and maintain access to comprehensive cyber coverage.
For additional guidance on risk management or coverage options, contact Horst Insurance today.