Just as brokers were beginning to adapt to cyber insurance market volatility, an unexpected development surfaced: premiums started dropping, despite cyberattacks surging to record levels. For years, escalating ransomware incidents and data breaches pushed premiums higher and made coverage harder to obtain. Today, however, insurers are continuing to reduce prices – even as cyber threats become more frequent and sophisticated.
Insurance Business asked local cyber specialists to explain this situation and the implications for cyber resilience and insurance profitability in Australia. So far, according to industry reports like Aon’s July cyber market update, despite a recent deterioration in loss ratios, cyber insurers are still reaping a very healthy 50 points of margin. Anthony Smit (pictured above, left) suggested this insurer profitability, as measured by metrics like insurance margins and claims ratios, is key to understanding what can appear at first to be an anomaly.
“I'm not sure there is an anomaly,” said the WTW cyber risk and insurance consultant. “The insurance market runs in cycles, which is driven by the claims ratio.”
He said the root causes of the current situation date back to 2019.
“Following on from the substantial increase in ransomware in 2019 and then we had COVID-19 in 2020 – the dollar value of claims skyrocketed, with a number of insurers either pulling back or out of the market completely,” said Smit.
That caused premiums to increase dramatically which needed to decrease once the claims ratio normalized. Now that this is happening, the market is attracting new cyber insurance players which is bringing down premiums.
Smit summed it up as follows:
“As the claims ratio came down it became a lot more attractive for new entrants so with the increased capacity and lower claims ratio this results in bringing premiums down,” he said.
Smit referred to US cyber data that showed the claims ratio in 2023 was 42% indicating, he said, “the massive over correction in premiums collected to recover or correct claims ratios post 2020.”
However, he pointed out that claims and premiums are “a lagging indicator” and said last year’s ratio was closer to 49%. The key drivers behind that number include Crowd Strike, Change Healthcare and retail incidents like the cyber attack on Marks and Spencer.
“So there is a change on the horizon and potential correction,” said Smit.
Scott Wilford (pictured above, right), executive director of Oracle Group Insurance Brokers pointed to other factors driving profitability in the cyber market despite the high number of claims.
“You're getting people who are now engaged and focused on risk management first and insurance second, which is really important,” said Wilford.
He said, compared to years past, clients can now get access to scanning systems and also cyber experts when they need them. Brokers are also playing a more effective role, he said, thanks partly to efforts from insurers.
“I would also like to emphasise that insurers are becoming increasingly proactive in cyberspace by providing tools and training to brokers,” said Wilford. “I have never seen insurers being as productive with cyber insurance as they are now.”
In fact, the Oracle leaders said he’s never seen insurers being so proactive with any insurance product before.
He also said the cyber market has been fortunate over the last year.
“We're also quite lucky that the claims numbers haven’t been higher but those larger claims haven't been there for ransomware attacks,” he said.
Smit said from a reinsurance perspective, the market is currently strong and cited Gallagher Re’s Reinsurance Market Report for the first half of 2025. That report found that the global reinsurance industry capital hit a new high of US$805 billion reflecting a 4% growth year on year.
“When you look at any sort of insurer, normally, between 25% and 40% of the cost of risk is reinsured so if there's stability there, it indicates price stability and extra capacity,” he said.
Both Smit and Wilford suggested that, at least for the immediate months ahead, the cyber market could continue to see some rates drop.
“I think it’s still going to be flat and could still even come down to a certain extent but there are indications that things are changing,” said Smit.
Wilford said the softening in cyber is reflected “across a lot of lines of business at the moment.”
He said the market is in an acquisition phase, the likes of which hasn’t been seen for many years.
Australia’s cyber insurance sector could be at a pivotal crossroads. Although declining premiums appear at odds with the escalating frequency of cyber incidents, a mix of ample capacity, increased adoption and deeper risk understanding has fostered a period of relative stability. For brokers and insurers, this offers a chance to bolster cyber resilience, enhance client education and fine-tune underwriting approaches – preparing the market for whatever shifts may lie ahead.
