Arctic Wolf Research: Cyber Insurance Driving Security Needs

The 2025 Cyber Insurance Outlook, released by Arctic Wolf this week, shows cyber insurance firms are increasingly looking to partner with or provide their own security services to keep insured clients protected from the modern threat landscape. 

We spoke with Kevin Kiser, the senior director of strategy focused on incident response at Arctic Wolf, to learn more about the findings.

Study shows insurance brokers are focusing more on the security posture of orgs

Artic Wolf’s research is based on a survey of 400 professionals from insurance broker and carrier companies across parts of North America, Europe, and New Zealand. This marks the first time the company has spoken exclusively to brokers and other insurance professionals; in previous versions of this outlook, they also surveyed IT professionals.

Kiser says this provides Arctic Wolf, and anyone reading this report, with a clearer picture of how brokers and insurers approach security from their perspective.

“My hope is that this report becomes an asset for how IT and security teams advocate for themselves and their needs within the organization, because they’ll be able to see how much of their work supports what insurance brokers want to see from clients they insure,” Kiser said.

“I also hope it reinforces that companies like Arctic Wolf are leaning into broader ecosystems to bridge these worlds,” he continued. 

Arctic Wolf has a team dedicated to building partnerships with leading insurance carriers and firms to leverage their insights while supporting channel partners and mutual customers.

AI-related risks join ransomware as priorities

It should come as no surprise that ransomware attacks continue to top the list of both claims made in the last year and ongoing concerns for most organizations.

On average, ransomware attacks accounted for around 18% of insured’s claims in the past year. In addition to ransomware attacks, the most common claims involved data breaches, theft of funds, and phishing incidents – including business email compromise (BEC) scams. 

Additionally, whether a company chooses to make a ransomware payment after being attacked has serious implications for its policy. 90% of policies include some form of ransom payment coverage, but 52% only offer partial coverage, according to the report.

Moving forward, AI-related issues are also likely to end up on the shortlist of concerns, although there will be nuance in how those are addressed in the event of an issue, Kiser says.

The report says that those surveyed “also cite many organizations’ current lack of governance around the use of AI tools as a major concern, considering how this technology can lead to risk of vulnerable data being exposed and a breach of data protection regulations.”

“Ultimately, a lot of the industry is starting to ask whether claims will continue to increase as threat actors become more efficient in how they use AI tools [to carry out attacks], but there are also concerns with just how an organization uses AI,” said Kiser. “When we’ve talked with experts, though, they have explained that if something goes wrong during an AI implementation, for example, that might actually fall under business liability coverage, so there’s also nuance in which types of policy cover certain aspects of this.”

The opportunity for channel partners, and how Arctic Wolf plans to help the channel succeed

One of the most obvious ways MSPs can support their clients’ needs is by ensuring they have deployed the most highly requested security solutions that carriers want to see before agreeing to a coverage policy.

According to the report, those are the following:

• Email security is the most common across respondents, with 63% saying it is a requirement for their policy
• Network security and data backups come next, at 57% and 52%, respectively
• MFA was required by 46%, followed by a 24/7 SOC or MDR solution at 43%

To implement the proper technology, insurers are increasingly developing ways to provide services to their clients.

According to the research, 71% of insurance brokers reported they were partnering with cybersecurity providers to better support their clients, while 94% offer some form of proactive assistance or support, either via in-house services or by directing their clients to service partners.

That inclination to bring other providers into the fold presents a significant opportunity for security-focused MSPs to expand their expertise to more customers through brokers’ referrals.

This also mirrors recent conversations throughout the channel that emphasize the need for MSPs to engage with their clients on a more nuanced and business-focused basis. Kiser highlights that cyber insurance conversations are a joint effort between IT and financial teams, often with C-suite and board demand. 

Partners who can bridge those groups together with a common language and understanding of both the technical needs and insurance outcomes tied to security will position themselves as true strategic advisors for these clients.

“These worlds are colliding right now because organizations need to have better alignment between the IT and security teams and the financial leaders, who are all working on the same goal but can have different perspectives and have not historically talked to each other much,” Kiser said.

From Kiser’s perspective, he sees partners already engaging with these next-generation needs and says Arctic Wolf remains committed to fostering connections and opportunities for the channel.

“I’ve been continuously impressed by the interest and desire to learn that the IT world has shown for this topic,” Kiser said.