2025 was an unprecedented year for high profile cyber incidents, with attacks on several household names hitting headlines nationwide. This has led to continued concern about the UK’s ability to withstand increasing cyber threats, and with good reason: the Cyber Security Breaches Survey 2025 reported that in the past year alone, 45% of businesses experienced a cyber incident.

In the cyber chapter of our annual Policyholder Review publication, partner Chloe Derrick and associate Claudia Seager explore the current trends affecting policyholders.

Cyber resilience: a call to action

The wide ranging financial and operational impact of cyber events means that cyber security is now an enterprise wide risk rather than simply an IT issue. Despite this, an overwhelming 57% of businesses are reported to be uninsured for cyber risks (Cyber Security Breaches Survey 2025). In a recent speech to the Corporation of the City of London, Nikhil Rathi, CEO of the Financial Conduct Authority, expressed concern that the nation was “massively underinsuring” against cyber risks.

Against this backdrop, it is unsurprising that cyber insurance continues its growth trajectory as the fastest growing global insurance product, with 41% of large enterprises planning to purchase cyber cover for the first time within five years (Cyber Insurance Report 2025, Howden). Cyber cover, however, remains a relatively new line of business, and the scope of protection available can vary significantly, particularly in relation to business interruption. The recent highly publicised attacks on the retail sector have intensified debate around how cyber insurance may respond, where purchased, to large scale business interruption losses. We review recent developments and offer key takeaways for policyholders in 2026.

Cyber claims: a broker perspective

Holly Waszak, Head of Cyber Claims at Marsh, gives a broker’s view on the market.

 

"Marsh’s UK Cyber Claims and Incident Management team dealt with around 600 notifications in its 2024 retail and wholesale books, and 2025 appears to be tracking to roughly the same number. However, cyber incidents have undoubtedly received greater media attention this past year."

Other topics covered in this chapter include:

  • A recap of 2025
  • From pandemic to cyber panic: lessons in business interruption
  • The Cyber Security and Resilience (Network and Information Systems) Bill
  • Held hostage: ransomware in the age of digital exploitation
  • When data costs: the rising price of privacy breaches
  • War risks in a cyber universe
  • War risks in the English courts
  • Looking ahead to 2026

 

 

Read more

To read the full chapter and additional commentary on key developments and trends across various commercial lines, click the button below.

Key Contacts

See all people