18 Sep 2025

Cyber insurance lessons from recent high-profile cyber attacks

In the wake of a recent rise in high-profile cyber attacks, the need for cyber insurance has never been more important. Over recent months, major UK retailers have fallen victim to increasingly sophisticated cyber attacks.

Recent cyber attacks

One of the most highly publicised cases this year was the cyber attack on Marks & Spencer over the Easter period, which triggered disruption across its operations and continues to do so months later. M&S was also forced to suspend its online clothing business and faced significant supply chain disruption to its food stores.

Crucially, the company revealed that the breach, which also involved the theft of customer data, was not the result of technical failure, but human error. This highlights that even the most sophisticated IT and cyber security systems can’t fully eliminate risk. People remain the weakest link in cyber resilience, and without a comprehensive risk management strategy (with a focus on staff training/awareness) and cyber insurance, businesses leave themselves exposed.

The financial repercussions of cyber incidents can be severe. As well as a hit to profits and disruption, businesses may also be liable for fines for data loss, the cost of litigation and cyber security improvements, and the need to reduce costs in the future to offset the impact on profits.

During the same period, other major retailers were also targeted by cyber criminals, in attacks that similarly disrupted operations and exposed sensitive data. While each incident differed in nature, a clear trend is emerging: attackers are becoming more strategic, opportunistic, and sophisticated. The National Cyber Security Centre has warned that it expects the use of AI in cyber attacks to be likely to equate to an increase in frequency and severity of cyber threats over the next two years.

It's not just the tech infrastructure at risk, but brand reputation, customer trust, and operational continuity.

How can cyber insurance help?

In the Life Sciences and Technology sectors, where companies often handle sensitive clinical data, proprietary research, and regulated digital systems, the impact of a breach can extend far beyond financial loss. Regulatory penalties, delays in product development, and erosion of investor and public confidence are real risks.

As well as covering financial losses, a well-structured cyber insurance policy provides access to expert breach response teams, legal counsel, public relations support, and business continuity planning. These resources can be the difference between a swift recovery and long-term damage.

Considering recent events, some insurance industry analysts expect cyber insurance premiums to rise in 2026 and insurers to impose stricter controls on the insured, as underwriters reassess the frequency and severity of claims. However, at present, cyber insurers are offering lower premiums than in 2024, so now is an ideal opportunity for businesses to review their protection against unwanted cyber attacks.

The lessons from recent cyber attacks are clear; cyber security, risk management and training are critical in defending against cyber attacks. However, it's equally important to recognise that you cannot totally eliminate the human factor. This is where cyber insurance steps in to protect the long-term viability of your business, where reputational damage can be significant.

To discuss cyber insurance for your business, speak to Alan Boswell Group on 01223 324233.

Return to listing

21 Jul 2025

CWTEC: 6G Anarchy in the UK – how does the UK get what it needs in the 6G era?

Cambridge Wireless’ annual Technology and Engineering Conference (CWTEC) centred this year on one bold theme: “6G Anarchy in the UK – how does the UK get what it needs in the 6G era?”

CW News

10 Jul 2025

Event Summary: Robotics – Shaping the Future with Intelligence and Connectivity

CW News

More News