As the UK cyber insurance market enters a soft phase, Duane Folkard, lead cyber underwriter at rrelentless, explores why lower premiums and broader cover can mask a growing resilience gap, and the critical role brokers play in helping businesses build long-term cyber resilience.
The UK cyber insurance market has been in a soft phase for the last 2-3 years, often characterised by broader coverage and lower premiums. However, this can mask a paradox: cyber risk has reached new levels of complexity, as well as the fact that incident reporting appears to be on the increase. In 2025, there was a surge in ransomware and hacking, and the threat landscape continues to evolve rapidly.
The tension between a soft insurance market and escalating cyber risks has created a defining moment for brokers. In today’s environment, their role extends beyond securing the most competitive premiums; it’s about helping clients build lasting cyber resilience. Ongoing broker education is central to this, equipping them to explain what cyber insurance covers, how it protects and why organisations of every size should see it as essential.
"The tension between a soft insurance market and escalating cyber risks has created a defining moment for brokers."
As attacks become more sophisticated, SMEs often remain the most exposed. Many simply do not have the in-house expertise or infrastructure needed to detect, prevent and respond to incidents effectively. In this climate, brokers can support clients in understanding and championing resilience. They can help policyholders understand how to access cyber insurance that provides not just a financial safety net, but also informs a proactive risk management strategy and long-term business continuity.
The resilience gap in a soft market Despite the heightened threat landscape, uptake of dedicated cyber insurance remains low. The government’s 2025 Cyber Security Breaches Survey shows that 7% of businesses have a specific, standalone cybersecurity policy, and 38% have cover as part of a wider insurance package. This signals a persistent gap between perceived readiness and practical protection, particularly among small and micro-businesses.
"This signals a persistent gap between perceived readiness and practical protection, particularly among small and micro-businesses."
At the same time, supply chain incidents show how vulnerabilities in even a single vendor can trigger significant financial and operational consequences for smaller firms. One example is the production disruptions affecting Jaguar Land Rover, where a cyberattack halted operations for six weeks and cost the UK economy an estimated £1.9bn at the time of writing.
Yet many businesses can remain unaware of the scale of their exposure, or of the proactive steps they could take to strengthen their resilience. The soft market, therefore, becomes not just an opportunity to secure favourable terms, but a window for brokers to educate clients on why resilience, not just cost minimisation, should be a guiding priority in meeting their coverage requirements.
From reactive protection to proactive resilience Across the market, there is growing awareness that traditional models of cyber insurance, which often focus primarily on post-incident financial reimbursement, are not always sufficient for building long-term resilience. While not yet standard, more providers are adopting holistic, resilience-oriented models that combine financial cover with risk management support, staff training, and incident response planning. Some policies, such as rrelentless’ offering, even champion a collaborative model to ensure businesses aren’t just insured, but genuinely prepared.
From reactive protection to proactive resilience Across the market, there is growing awareness that traditional models of cyber insurance, which often focus primarily on post-incident financial reimbursement, are not always sufficient for building long-term resilience. While not yet standard, more providers are adopting holistic, resilience-oriented models that combine financial cover with risk management support, staff training, and incident response planning. Some policies, such as rrelentless’ offering, even champion a collaborative model to ensure businesses aren’t just insured, but genuinely prepared.
This type of holistic model can enable policyholders to access practical resources such as incident-response guidance, risk-analysis tools, eLearning modules, legal advisory support and step-by-step frameworks for meeting recognised standards. By incorporating these services into the policy itself, the industry can help organisations enhance their cyber hygiene, mitigate vulnerabilities and manage incidents more effectively.
"Some policies, such as rrelentless’ offering, even champion a collaborative model to ensure businesses aren’t just insured, but genuinely prepared."
For brokers, these tools become invaluable in strengthening client relationships. They enable deeper conversations about risk, support more informed decision-making and further contribute to the broker’s position as a strategic adviser and intermediary.
Education: the broker’s competitive edge The resilience gap is particularly significant for small and micro-businesses, which can be less likely to have standalone or cyber-specific insurance, access to external cyber-security support, or formal, documented cyber-policies and business-continuity plans. This is where broker education becomes a decisive differentiator. Brokers who can clearly articulate the nature of emerging threats, explain the operational impact of a cyber incident and outline how proactive tools can mitigate exposure are better placed to guide clients through a potentially confusing and fast-moving landscape.
Across the UK market, there has been significant investment in equipping brokers with practical tools and training. They can participate in workshops, product sessions and learning programmes designed to deepen their understanding of cyber risk and give them confidence when discussing resilience with clients. This commitment to education is proving essential in closing the SME knowledge gap and helping brokers elevate the conversation beyond price alone.
"Brokers who can clearly articulate the nature of emerging threats, explain the operational impact of a cyber incident and outline how proactive tools can mitigate exposure are better placed to guide clients through a potentially confusing and fast-moving landscape."
What brokers can do next As the soft cycle continues, the temptation to chase lower rates may remain strong. However, in the long term, resilience-first models could define the most trusted broker relationships. By working with providers that combine financial cover with proactive tools and education, brokers can safeguard both client well-being and portfolio stability.
For those developing these models, the priority is to extend integrated resilience frameworks into broader areas of commercial risk, while maintaining a focus on prevention, digital innovation and broker empowerment. Resilience is about creating clients who are confident, informed and capable of managing risk. That is how brokers add lasting value in a soft market.
