Add as a preferred source on Google
Paper Logo

Research shows cyber insurers are paying earlier and more consistently than critics claim

“When you look at the scale of losses organisations are facing, it becomes clear why cyber insurance is more essential than ever, and it is equally clear that insurers are stepping up, not stepping back,” says Cwane.

Source Ambani

Wednesday, 25 February 2026, 05:54
Share
Research shows cyber insurers are paying earlier and more consistently than critics claim
Reports from Sendmarc show that 40% of Business Email Compromise (BEC) attacks are now AI-generated. Image: Canva

BUSINESS NEWS - Amid growing public debate over whether cyber insurers are becoming increasingly reluctant to pay out, industry experts warn that this narrative is not only inaccurate but potentially harmful for organisations already facing unprecedented levels of digital risk.

“The idea that cyber insurers are looking for excuses not to pay claims simply does not reflect reality. The data shows the opposite: insurers are paying earlier, paying more consistently and expanding coverage to meet the scale and complexity of modern cyber incidents,” says Lwando Cwane, Cyber Product Head at iTOO Special Risks.

Cwane’s comments come at a time when global cybercrime is accelerating at a pace that outstrips most organisations’ defensive capabilities. 

According to the World Economic Forum’s Global Cybersecurity Outlook 2026, 73% of executives experienced cyber-enabled fraud in the past year, while 87% reported that AI-driven vulnerabilities are now the fastest-growing cyber risk. 

Supply chain attacks, geopolitical volatility and AI-powered phishing have created a threat landscape that is both unpredictable and increasingly costly.

The IBM Cost of a Data Breach Report 2025 reinforces this picture. While global breach costs have fallen slightly due to faster detection, the United States saw costs surge to over $10 million (R160 million) per incident, and 16% of all breaches now involve attackers using AI. Shadow AI alone added an average of $670 000 (R10.7 million) to breach costs.

“When you look at the scale of losses organisations are facing, it becomes clear why cyber insurance is more essential than ever, and it is equally clear that insurers are stepping up, not stepping back,” says Cwane.

He notes that one of the most persistent misconceptions is that insurers decline claims on technicalities such as outdated patching or imperfect controls.

“In practice, we routinely fund the initial response even when the insured has breached certain conditions. We cover forensics, containment, legal support and crisis management, because stabilising the business is the priority. That is a claim being paid,” he explains.

This aligns with IBM’s findings that 50% of breaches are now identified by internal security teams, supported by insurer-funded tools and services. Faster identification and containment directly reduce losses, a benefit that would not be possible without the involvement of insurers.

“Even in cases where the full claim cannot be honoured, we still pay substantial upfront costs to help clients regain control of their systems and resume operations. That is the opposite of refusing to pay,” Cwane adds.

Some insurers are even enhancing their policy wording to counter the narrative of insurer cost-cutting.

“These enhancements are designed to remove uncertainty, widen protection and support clients holistically, including financially, operationally and even emotionally. If insurers were trying to avoid paying claims, we would not be broadening coverage in this way,” says Cwane.

Reports from Sendmarc show that 40% of Business Email Compromise (BEC) attacks are now AI-generated, while global ransomware losses continue to escalate, with one Fortune 50 company paying a record $75 million (R1.2 billion) ransom. In South Africa, 47% of organisations experienced multiple cyber incidents in the past financial year, with phishing and credential theft dominating.

“The real challenge is not insurers refusing to pay, but that attacks are becoming more sophisticated, more frequent and more destructive. Our role is to help organisations survive these events, recover quickly and build resilience for the future,” Cwane explains.

He emphasises that cyber insurance remains one of the most reliable mechanisms for managing catastrophic digital risk.

“Cyber insurers are paying claims, and we’re paying them when they matter most. The industry is evolving, not retreating. And insurers are committed to being part of the solution, not part of the problem,” Cwane concludes.

‘We bring you the latest Garden Route, Hessequa, Karoo news’ 

Read more about: cyber insurance insurance finance

Support local journalism

Add George Herald as a preferred source to see more of our reporting in Google News and Top Stories.

Add as a preferred source on Google
Follow on Google News
Add as a preferred source on Google
Follow on Google News
Back to Top

More Group Editors Publications & Online Platforms

PapersImages
PapersImages
PapersImages
PapersImages
PapersImages
Press Council Fair Logo

George Herald proudly displays the “FAIR” stamp of the Press Council of South Africa, indicating our commitment to adhere to the Code of Ethics for Print and online media which prescribes that our reportage is truthful, accurate and fair. Should you wish to lodge a complaint about our news coverage, please lodge a complaint on the Press Council’s website, www.presscouncil.org.za or email the complaint to [email protected]. Contact the Press Council on 0114843612.

Press Council Fair Logo
Disclaimers | Contact Us

Copyright 2026 Group Editors Company (Pty) Ltd, Registration Number 1963/002133/07 t/a George Herald