#cyber-insurance

#cyber-insurance

"The first half of this year was an extraordinary moment in time for M&S. However, the underlying strength of our business and robust financial foundations gave us the resilience to face into the challenge and deal with it. We are now getting back on track,"

Organizations using Cisco and Citrix VPN devices were nearly seven times as likely to suffer a ransomware infection over a 15-month period, according to At-Bay, a provider of cyber insurance and a vendor of managed detection and response products. "When compared to businesses without a VPN detected, organizations using Cisco or Citrix were 6.8X more likely to fall victim to an attack," according to At-Bay's 2025 InsurSec Report [ PDF], which notes that Cisco and Citrix held the top spots in last year's report, too.

In the recent M&S breach, only £100 million of cyber insurance was in place, far short of the £300 million in damages incurred, leaving the retail giant significantly underinsured. With more retailers relying heavily on online operations and third-party platforms, the financial impact of operational downtime from data breaches can be severe and widespread. Yet many businesses still lack adequate-or any-cyber insurance.

Artificial intelligence (AI) is everywhere - in legal research tools, in "smart" assistants that draft contracts, and, if we're honest, probably in that partner's suspiciously polished brief. The legal profession can't avoid it, and neither can the insurance industry. But while cyber insurers are, somewhat surprisingly, holding firm on AI risks, other key coverage lines are quietly changing - and not in your favor.