Confronting the next wave of cyber threats: How brokers can bridge critical gaps

Faster, more interconnected, and increasingly difficult to define – the next era of cyber risk is unfolding in 2026, and brokers must be ready to do more than just place coverage.

Global cybercrime costs are projected to exceed $10 trillion annually, according to Cybersecurity Ventures, while IBM has estimated that the average cost of a data breach has climbed to over $4.5 million, underscoring the financial stakes for businesses of all sizes.

Brokers are increasingly called upon to help clients navigate a moving target in which technology, regulation, and threat actors are evolving in real time. Over the next 12 to 18 months, they must recognize several key trends that will reshape how cyber insurance is bought, sold, and serviced.

AI risk moves from theory to reality

Artificial intelligence (AI) is actively reshaping cyber exposure today. According to Garrett Droege (pictured), fintech and digital assets leader for North America at WTW, AI is dominating conversations across the cyber market.

A 2026 Check Point report highlights that global cyber attacks have surged by 70% since 2023, largely driven by AI adoption, with 89% of organizations encountering risky AI prompts. Meanwhile, UNESCO has flagged deepfake-driven fraud as a major threat in 2026, with 37% of fraud experts having encountered voice deepfakes and 29% video deepfakes. AI-generated phishing attacks have also seen a significant surge.

“Insureds are wondering whether their cyber policy covers generative AI-caused losses, and carriers are cautiously assessing their portfolios to gauge systemic risk,” Droege said. “It is a brand-new risk that everyone is trying to understand as quickly as possible.”

The implications are significant. AI-driven threats are not only more sophisticated but also less predictable. Emerging scenarios, such as autonomous AI agents interacting with networks, raise fundamental questions about liability and coverage. If an AI agent acting on behalf of a company creates a vulnerability that leads to a breach, does the policy respond? Are AI agents considered part of the insured?

For now, there are more questions than answers, which means brokers must be prepared to guide clients through ambiguity, ensuring policy wording is scrutinized and expectations are clearly set.

Claims trends highlight coverage gaps

While the technology evolves, many of the most damaging cyber claims remain familiar. Funds transfer fraud, social engineering, and business email compromise (BEC) continue to dominate loss activity across industries. In fact, BEC alone has been responsible for tens of billions of dollars in global losses over the past decade, with incidents increasing in both frequency and severity.

However, these are also the areas where coverage is often most restricted. Stress testing policies against common loss events is becoming essential.

“These threats are frequently sub-limited or excluded,” said Droege. “We see large enterprises with hundreds of millions in cyber limits still facing meaningful sub-limits on key insuring agreements.”

Against this backdrop, claims performance matters more than ever, Droege added. Insureds should closely evaluate and challenge claims service standards and commitments when selecting insurers and partners for their cyber programs. Brokers should be actively challenging claims service standards and ensuring clients partner with carriers that can deliver when it matters most.

Interconnected risk and the rise of vendor exposure

Industry observers have flagged how cyber risk is increasingly interconnected, with third-party vendors often serving as the weakest link. A growing number of losses have come not from the insured’s own systems, but from partners, suppliers, or service providers.

“Many losses end up being caused by third parties, some of whom may not have robust cyber insurance,” Droege said. “Understanding vendor risk transfer is key.”

At the same time, real-time threat monitoring has become table stakes. Cyber events unfold in seconds, not days, and static risk assessments are no longer sufficient. Brokers should be encouraging clients to adopt continuous monitoring tools, integrate threat intelligence, and build proactive response capabilities.

“Managing cyber risk is a 365, 24/7 job. Having access to data and analytics, cybersecurity monitoring, and quality coverage designs is paramount,” said Droege.

InsuranceFest 2026: Bringing cyber conversations to life

For brokers looking to sharpen their cyber expertise, InsuranceFest 2026 offers a hands-on, scenario-driven approach to the industry’s most pressing challenges.

Cyber risk is a central theme across multiple sessions, including “Winning the Cyber Battle with Clients,” where brokers, MGAs, and CISOs unpack how to move beyond fear-based selling and deliver real client value. The session will tackle everything from social engineering and ransomware to third-party risk, offering practical language and frameworks brokers can use immediately.

In “Cyber Crisis Live: What Would You Do?”, attendees will step into a simulated business email compromise incident with a deepfake AI twist. The interactive format highlights how quickly cyber events escalate and why early decisions can determine outcomes. Participants will leave with a draft incident response plan they can take straight to clients.

Cyber is also woven into broader discussions, such as “Specialty Lines Unplugged”, where real-world scenarios explore complex exposures across financial, construction, and cyber risks, and dedicated discussion tables focused on AI, emerging threats, and client education.

Beyond the content, InsuranceFest’s unique beachside setting fosters open, candid conversations.

Register now to secure your place and gain the insights, strategies, and connections needed to lead in the next era of cyber risk.