2026 January 14
With 2026 having already kicked off with a high-profile cyber-attack in New Zealand, we reflect on some of the key cyber insurance trends from 2025 and look at key risk issues for businesses to think about this year.
Despite New Zealand businesses seeing an increase in cyber incidences in 2025, with 53% of businesses reporting suffering an incident of varying degrees, the cyber market saw a strengthening of existing cyber insurance products and more competitive premiums due to increased competition in the local New Zealand market. Cyber incidents are relatively evenly spread across all industry types, however, manufacturing and retail saw an increase in cyber incidences and claim costs in 2025.
Human error a key factor
Insurers reported that the highest frequency of claims was due to human error, mainly in the form of business email compromise. This includes social engineering losses, in which an employee transfers money to a cyber-criminal whom they believe to be a supplier, customer, or executive at the company; or unauthorised access to emails and systems via phishing emails. This highlights that, whilst cybersecurity in New Zealand continues to improve at all levels, human error remains a key cyber risk.
Claim costs increasing
Insurers have also noted that ransomware claims have seen a slight decrease in frequency, but the severity and cost of associated claims have increased. These claims costs are primarily driven by corresponding business interruption costs, which includes lost income during the outage plus reasonable extra expenses to keep operations running, mitigate downtime, and to restore normal business activities. One insurer reported that 70% of uninsured small-to-medium enterprises (SMEs) in New Zealand & Australia that received a ransom letter would not survive into the following year, with the associated business interruption costs being a driving factor.
The Manage My Health incident, which hit the headlines in early January, is a stark reminder of the importance of organisations having cyber insurance cover.
As highlighted in the above example, utilisation of cloud-based services as part of an entity’s general IT systems, including data storage, has become an increasingly integral part of modern business practices. It will be important for SMEs in particular to consider what impact an outage or cyber-attack at a cloud provider could have on their operations. This also includes ensuring any applicable contingent business interruption exposure is correctly identified and covered.
More ransomware attacks anticipated
Globally, it is further expected that cyber threat actors will put greater focus on evading defensive cyber security measures and prioritise ransomware attacks; as these will cause the most disruption to a business which will place more pressure on making a ransom payment. Ransomware operators, such as Akira, will continue to utilise AI tools and pre-ransomware intrusions to identify “zero-day vulnerabilities”, which are hidden flaws in software that hackers can exploit before a developer knows about it or has time to fix it.
Whilst the cyber landscape is fluid and continues to evolve at increasingly rapid rates, we forecast that the current soft market conditions will continue into at least the first half of the year, which makes it an opportune time for New Zealand businesses to purchase strong coverage at competitive pricing.
If you have any questions or concerns about your cyber insurance cover or are looking to purchase cyber insurance for the first time, please contact our Liability team -
liability@icib.co.nz
0800 644 444