In a nutshell: Falling cyber insurance premiums are offset by expanded exclusion clauses, resulting in reduced actual coverage.
Cyber insurance premiums are dropping, yet insurers are simultaneously narrowing the coverage they provide through additional exclusion clauses. Many policies, for example, offer no protection against social engineering attacks such as ClickFix.
The cyber insurance market is undergoing restructuring: while premiums fall, insurers are deliberately expanding their carve-outs. Social engineering attacks in particular, such as ClickFix – in which users are tricked into downloading malware themselves – are increasingly excluded from coverage.
For CISOs, this creates a twofold risk: the ostensibly lower insurance costs must not obscure the actual reduction in coverage. Social engineering vectors in particular are among the most common attack types, so explicit insurance coverage for them is needed if security investments are to be fully protected.
When negotiating or evaluating cyber insurance policies, CISOs should systematically review the following points: Which types of attack are explicitly excluded? Which vulnerabilities (zero-days, misconfigurations) are not covered? How do the exclusion clauses map onto the organization's real-world threat landscape? A cheaper policy with broad gaps ultimately provides less protection than a more expensive one with comprehensive coverage.
Source: www.darkreading.com · Published 3 June 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.2.9.