If you want a snapshot of how dramatically the cyber landscape has shifted, just look at the headlines.
- A finance employee in Hong Kong wired more than $25 million after joining what he believed was a routine video meeting. The problem? Every person on the call, including his “CEO,” was an AI-generated deepfake.
- A faulty content update from a major cybersecurity vendor triggered one of the largest global IT outages in recent memory, taking down millions of Windows devices across industries—no hackers required.
- And ransomware gangs, no longer satisfied with simply encrypting systems, increasingly skip that step altogether, stealing sensitive data and extorting organizations directly.
Cyber risk management has outgrown its previous designation as just a technical problem handled quietly by IT. Now, it’s a full-scale business risk with operational, financial, and reputational consequences, and your clients are feeling the pressure. As an agent, this is your moment to help them understand what’s really happening, where exposures are growing, and how cyber insurance brokers could help support business continuity in a threat environment that changes by the hour.
Key Takeaways for the Skimmers
- Ransomware has evolved into data theft + extortion, making backups alone insufficient.
- AI is scaling social engineering through synthetic identities, voice cloning, and real-time deepfakes.
- Third-party failures, both security and operational, can disrupt thousands of businesses at once.
- 95% of breaches involve human error, especially in remote/hybrid environments.
- Senior leaders are now high-value targets, with risks extending into personal life.
- Cyber insurance supports continuity, resilience, and recovery, not just financial reimbursement.
The New Cyber Risk Management Reality
Not only are cyber threats more frequent, but they’re also more intertwined, automated, and business-impacting. For agents, understanding the mechanics behind these attacks is crucial to guiding clients.
Ransomware 2.0: Data Is the Leverage
Traditional ransomware was “encrypt and extort.” But as backups improved, attackers shifted. Now they steal data quietly before making demands, threatening to leak sensitive information. They tend to target industries where downtime causes immediate financial pain or hit vendors to pressure hundreds of organizations simultaneously.
The 2024 Change Healthcare attack is a great example. This disruption led to claims processing delays across the country, with medical practices unable to bill insurers for weeks, all driven by data theft, not encryption. It also showed that even a company with perfect backups is vulnerable. Extortion pressure, breach notification laws, and customer impact all drive losses.
AI-Enhanced Social Engineering Offers Precision at Scale
Phishing emails are now the least interesting part of social engineering. Attackers use AI to clone executive voices, create realistic video deepfakes, and impersonate IT teams via phone calls. They can also use tech to their advantage to generate personalized phishing copy, build fake vendor portals, and mine social media to craft believable narratives.
Attacks once considered “sophisticated” now cost almost nothing to deploy. The MGM Resorts breach started with a single vishing call to IT. Slot machines went offline. Hotel systems froze. The company lost an estimated $100M+. While most small and midmarket businesses believe “no one would target us,” they misunderstand the automation behind these schemes. AI has made personalization cheap and easy.
Third-Party Concentration Risk: Dependency = Exposure
Organizations increasingly rely on cloud platforms, SaaS applications, and managed service providers, each of which creates a potential single point of failure.
Three types of third-party events now drive losses:
- Vendor Security Breaches
Attackers compromise a vendor and pivot downstream.
Example: SolarWinds infiltrated U.S. government agencies and Fortune 500 companies through one poisoned update.
- Vendor Outages / Operational Failures
No attacker needed, just a flawed patch or update.
Example: The CrowdStrike outage sidelined airlines, hospitals, retailers, and call centers within hours.
- Supply Chain Manipulation
Attackers hide malicious code in widely used tools.
Example: The MOVEit breach spread through hundreds of organizations via one exploited file transfer platform.
Many insureds don’t understand that vendor incidents can cause six- or seven-figure downtime events, even without a “hack.” Dependent business interruption coverage is becoming essential because today’s attacks overlap. A single breach can trigger extortion, data loss, operational shutdown, third-party claims, and regulatory exposure simultaneously. Cyber insurance needs to mirror that complexity.
The Human Factor Still Drives 95% of Breaches
Despite technological advances, people remain the most common attack vector, especially in remote and hybrid environments. Every home router, personal device, and airport Wi-Fi connection becomes a potential exposure. Attackers know this and target employees outside the protective perimeter of corporate networks.
In addition, the cybersecurity skills gap is growing. There are far more threats than qualified defenders. Most smaller organizations struggle to staff continuous monitoring, incident response, and patch management. Add in IoT devices, outdated systems, outsourced functions, and cloud sprawl, and you’ve got a smorgasbord of vulnerabilities that attackers can exploit faster than organizations can patch.
Executives are the New Bullseye
Executives have become prime targets because they’re public-facing, high-authority decision makers who often work on the go and outside hardened security environments. Attackers exploit their visibility, urgency, and access to sensitive systems through increasingly sophisticated tactics.
Key risks include:
- Executive account takeover that enables payment fraud, data access, or internal impersonation
- Deepfake voice/video scams used to pressure staff into urgent financial or credential-related actions
- Reputation-based extortion involving stolen or fabricated personal information
- Home and travel vulnerabilities such as weak home networks, smart devices, and airport/hotel Wi-Fi
Executive leadership is often the easiest way into the organization, and the costliest point of failure. Policies should account for social engineering, executive compromise, and crisis response support.
Checklist: Conversations to Start With Clients
Consider leveraging these questions to jump-start the conversation with your accounts. It’s never too soon to talk cyber:
- Which vendors touch your data?
- Do you have dependent business interruption (BI) coverage?
- When was your last tabletop exercise?
- Are executives protected at home and on the road?
- How often do employees train?
- Are backups segmented and tested?
- Does your policy cover extortion without encryption?
FAQs
Is cyber insurance still necessary if a company uses strong security tools?
Yes. Many recent disruptions, including CrowdStrike, weren’t caused by threat actors. Cyber insurance covers outages, forensics, reporting, and reputational costs, not just attacks.
Are small businesses really targets?
Increasingly, yes. AI makes large-scale personalized attacks easier and faster to execute, and small businesses typically have weaker defenses.
What’s the biggest mistake clients make?
Assuming cyber risk is an IT problem. It’s a business risk that requires leadership oversight.
Do boards need to be involved?
Absolutely. Governance expectations are rising, and regulators are scrutinizing cyber preparedness more closely.
Jencap: Your Partner in Cybercrime Protection
Cyber liability insurance is the ultimate stabilizer, helping modern organizations:
- Recover from ransomware and extortion
- Restore operations after a systems outage
- Navigate regulatory reporting
- Fund forensic investigations
- Support PR and reputation management
- Restore stolen or corrupted data
- Provide executive and personal cybersecurity services
A well-structured policy protects the business and the leadership team steering it. Ready to elevate your clients’ cyber strategy? Contact Jencap to get started.
