Cyber threats have steadily increased in sophistication and scale, with attacks costing the global economy billions every year. Cybercriminals have evolved from lone wolves to groups akin to mid-sized corporations with HR departments and training programmes. Cybersecurity and business’ recognition of the threat have also improved markedly. The battle between cybersecurity and hackers is relentless, with defences constantly evolving just as hackers discover new vulnerabilities or develop advanced tools. Despite the pervasive nature of this threat, it's important to remember that cyber insurance is still a relatively new field. 

When Tokio Marine Kiln started underwriting cyber risks more than two decades ago, we were one of only a handful of insurers to do so globally. Claims data was scarce, but equipped with the expertise and underwriting heritage of a specialist underwriting firm that has been operating in the Lloyd’s market since 1962 - we stepped boldly into a new class of business in which we are today a recognised market lead. Over the past 22 years, and having paid more than $500 million cyber claims, we have seen firsthand the development of the threat and been at the forefront of the evolution of our industry’s capabilities.  

The landscape has undergone a profound transformation. Not least, our relationship with clients. A decade ago, cyber underwriters were viewed warily. We were asking a lot of difficult, probing questions about their security measures while cyber insurance was yet to fully prove its value. This dynamic has shifted markedly to the benefit of all parties. Where once we were seen as peripheral, we are now partners.  

Evolving cyber risk 

The ransomware pandemic at the start of this decade was a turning point. Businesses were hit hard by a tidal wave of attacks and the cyber insurance market paid out billions.  

This year has seen a catalogue of high-profile cyber-attacks in the retail sector that have thrust advanced social engineering and the malicious use cases of AI into the spotlight–as sector-focused attacks start to rise. AI-powered social engineering is enabling more convincing phishing campaigns at scale, making it increasingly difficult to distinguish legitimate communications from malicious ones. Meanwhile, sector-specific targeting has replaced opportunistic attacks, with threat actors developing specialised expertise to exploit industry-specific vulnerabilities in retail, healthcare, and critical infrastructure. Adding to the complexity, third-party vulnerabilities mean breaches now cascade through interconnected supply chains, leaving companies exposed through their vendors' and partners' security practices. 

Responding to the threat 

Our offering has expanded dramatically over time, including new products and service capabilities, and risk transfer is now just one component. From daily vulnerability scanning by our in-house cyber analysts to 24/7 incident response, we provide another pillar to a business’ cyber defences. We work with clients at every stage, helping them improve their defence postures, collaborating with them to close gaps and provide a critical external eye, constantly probing for vulnerabilities. If a breach occurs, we are part of the response. Coordinating, providing counsel and access to an array of experts to help them get back on their feet quickly.  

Today, insurers need to keep pace with technology and arm themselves with data to support clients in the fight against hackers. They also need to have deep sector-specific knowledge to ensure they can partner with clients from retail to manufacturing, construction, utilities, real estate and many more.  

Introducing TMK Cyber Ctrl 

Over the past few months, we have again enhanced our offering to ensure that we continue to keep pace with today’s cyber risk landscape. 

Our next-generation Cyber Ctrl suite is the result. Comprising Cyber Ctrl, Cyber Ctrl PD+, Professional Ctrl, and soon-to-be-launched Enterprise Ctrl, it represents TMK’s most comprehensive and modern cyber protection, blending expert insurance coverage with proactive risk management, rapid incident response and what our brokers say is the market's leading claims service—which is reflected in our nine years of awards for ‘Outstanding’ service and the market’s highest ratings for expertise.  

Alongside numerous new coverages, we’ve added technology, media and E&O cover, under the leadership of Thomas McShane as Head of Technology, Media and E&O.   

As a true lead market, we are committed to offering an unrivalled suite of products, providing expertise at every interaction—from daily vulnerability scanning and risk mitigation to tailored underwriting for industry sectors, and cyber security risk management services, through to claims and rapid incident response. By partnering with our clients, we will continue to do all we can to keep pace with the evolving threat.  

Read our press release about our Cyber Ctrl launch here and find out more about our product here.