UK cyber insurance market ready to compete again

Cyber market shifts as mid-market demand, blended products and regulation rise; capacity favours firms with proven resilience and controls.

After several years of steep rate hikes and tighter terms, the UK cyber insurance market is showing signs of renewed competition. Digital transformation, shifting appetites and an unrelenting wave of cyberattacks are reshaping both demand and supply.

“The UK cyber market has re-entered a competitive phase after the hardening period of a few years ago,” said Bobby Fox (pictured), cyber underwriter at Arch Insurance International. According to industry data, prices on primary layers fell 7% in the first quarter of 2025, echoing broader European trends. For buyers, this shift marks a clear break from the steep increases of recent renewal cycles.

“Companies with robust cyber strategies are seeing more favourable rates and broader coverage.” 

That softer backdrop gives risk managers more leverage. They are pushing for higher limits, broader terms and, in some cases, revisiting exclusions tightened during the hard market. 

Yet caution still prevails. “While buyers are seeking greater flexibility on limits and terms, insurers continue to assess each risk very carefully,” Fox stressed. 

“Companies with robust cyber strategies are seeing more favourable rates and broader coverage. However, sectors with high ransomware exposure continue to face tougher scrutiny and more differentiated pricing.”

This balancing act plays out against a stubborn reality: underinsurance. Despite rising attack volumes, the UK still lags far behind the US. “According to a recent UK government survey of breaches, less than half of businesses reported being insured against cybersecurity risks,” Fox noted. “This highlights the significant growth potential that exists for the UK insurance market.”

Much of that growth sits in the mid-market. Companies that once assumed cyber was a “big corporate” issue are now buying cover for the first time or reviewing their limits. Fox pointed to “renewed scrutiny of coverage sufficiency and more rigorous due diligence on limits” after high-profile incidents. Demand is also expanding in retail, utilities and manufacturing, where digital transformation is reshaping exposures.

Another visible trend is blended products. “We’re seeing increasing demand for blended solutions that combine cyber protection with elements of technology E&O,” Fox said. For technology-driven firms, the line between operational risk and cyber exposures is often blurred, making integrated solutions especially appealing.

Ransomware, AI and the next wave of cyber threats

Yet growth brings fresh pressure. Ransomware remains the main driver of loss severity, with 2025 already producing several high-profile cases. “Ransomware continues to dominate loss severity with attackers also capitalising on AI to exploit vulnerabilities faster,” Fox warned. Insurers are therefore probing security controls in ever greater detail.

“At Arch, we focus heavily on how clients manage key controls such as multi-factor authentication, privileged access, patching and back-ups,” he explained. “Companies with clear, demonstrable controls and risk mitigation strategies in place are better positioned to secure favourable terms.”

Fox explained that retail, in particular, has become a clear target, and the noticeable uptick in cyber activity targeting the UK retail sector had further highlighted how vulnerable consumers have become.

Against this backdrop, Arch is doubling down on its role as a partner. “That means ensuring we provide direct access to our cyber underwriting teams in London, have open dialogue on risk appetite and provide clear guidance on coverage structures,” Fox stated. “We want to make placements straightforward for brokers and ensure clients get not just capacity, but also comprehensive advice, expert claims services and robust incident response support before, during and after an incident.”

On the capacity front, Arch can deploy up to £10 million per risk across both its own company and Lloyd’s platforms, but discipline remains central. “We deploy that capacity carefully, based on a targeted underwriting approach and clear risk appetite.

“We aim to ensure that our pricing is competitive and in line with broader market conditions but also adjusted to reflect the unique loss experience of the company as well its exposures. 

“Ultimately, we take a solution-led approach and look to work collaboratively with our brokers to ensure the most relevant and adequate coverage is provided for our clients.”

Differentiation is another focus, and Arch offers both company and Lloyd’s headed paper, integrated products that combine cyber, technology E&O and media liability and a dedicated in-house claims team. “Our service-led approach is supported by a dedicated in-house claims team with extensive experience in managing UK cyber claims, ensuring prompt and practical support, alongside full-service pre and post-breach capabilities,” Fox said.

Global scale strengthens this. “Arch is one of the leading global providers of cyber insurance and we continue to invest in the sector globally with a commitment to the class and our clients.”

Looking ahead, Fox expects both challenges and tailwinds. Ransomware will remain front and centre, fuelled by AI and automation. Reliance on a handful of cloud and tech providers also poses systemic risks.

At the same time, regulation and analytics might tilt the balance. “New regulations and heightened cyber risk awareness are prompting more firms to purchase cover,” Fox said.

“Advances in data and analytics mean insurers can better reward clients that invest in strong cyber controls.” The UK’s proposed Cyber Security and Resilience bill could accelerate this shift, driving a “broader market adoption of cyber insurance” and pushing underwriting standards higher.

Artificial intelligence itself cuts both ways, and Fox urges the industry to keep pace with emerging risk patterns, such as the growing role of AI in cyber threats, “both in automating attacks and in enabling more sophisticated social engineering”.

The UK cyber market’s outlook is therefore not only competitive, but complex. The winners will be those that can balance growth with discipline, adapt to evolving threats and combine capacity with genuine partnership.

Did you get value from this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.