Coalition executives say that by 2026, cyber risk will be defined less by isolated breaches and more by hidden interdependencies that lead to associated systemic losses, forcing reinsurers/insurers to demand deeper technical clarity, tighter underwriting discipline and a broader underwriting response.
Several Coalition executives shared their views on the cyber landscape in 2026, expressing a common sentiment that the industry is approaching a critical moment.
Rising systemic and supply chain risks, increasingly complex cloud dependencies and changing privacy regulations are challenging traditional underwriting approaches, while softer market conditions underscore the need for rigorous risk assessment and innovative policy features, suggesting clarity and differentiation will be key for reinsurers in the year ahead.
Diana Liu, head of underwriting at Coalition Re, commented: “Increasing pressure on systemic risk accumulation will drive market pressure for further clarity on risks. As the growing risk accumulation creates a greater destabilizing force on the global financial system, systemic cyber risks will come under greater scrutiny.
“As market exposure continues to expand, current aggregation methods—often limited to industry, revenue, or geographic groupings—will increasingly be unable to keep up with the scale and complexity of digital interdependencies.
“Sector-specific Mini Cats will further expose these shortcomings, pushing reinsurers to take a more transparent, data-rich view of their digital portfolios.
“To protect against systemic failures, cyber reinsurance markets will be forced to capture correlations stemming from shared software, common vulnerabilities and centralized cloud dependencies. Effective risk transfer and smarter deployment of capital will require a shift to technology-based aggregation models that reflect real-world digital dependencies.
“As we approach 2026, the need for deeper risk clarity will accelerate as carriers and cedants recognize that broad portfolio characteristics are no longer sufficient to curb systemic accumulation.”
“Cyber underwriting will focus on business interruption for cloud infrastructure,” said Tiago Henriques, chief underwriting officer at Coalition.
“After a year of severe outages, when thousands of websites and servers were affected simultaneously, cyber insurers will increasingly focus on mitigating aggregate risk.
“Incidents like CrowdStrike and the AWS outage, which were caused by technical glitches rather than attacks, highlight the risks that enterprises still face if they lack a multi-region or multi-cloud strategy, which many enterprises may not adopt due to limited resources.
“These outages expose broader gaps in the market’s ability to assess, model and ensure cyber dependencies; technical debt and infrastructure vulnerabilities are often overlooked by enterprises and insurers in the underwriting process.
“To remain profitable, insurers will need a deeper understanding of technology interconnections, critical dependencies and how they translate into associated loss potential. This knowledge will enable underwriting to directly address business disruption risks associated with cloud software and other systemic technology failures.”
Anne Juntunen, senior claims manager at Coalition, noted: “Improper collection claims will increase as opportunistic claimants take advantage of statutory damages.
“Due to rising awareness of state privacy laws and wiretap statutes, which allow individuals to seek statutory damages for improper data collection.
“While demand letters and lawsuits have historically come from well-resourced law firms targeting high-traffic or complex websites, a new wave of opportunistic claimants are emerging who recognize that automated or template-based letters can be profitable.
“By 2026, as privacy compliance becomes more fragmented and tracking technologies become more sophisticated, businesses that lack clear disclosures, appropriate consent mechanisms, or oversight of third-party marketing and analytics tools will be most at risk.
“Without proactive measures—reviewing network technologies, tightening vendor contracts, and strengthening consent processes—organizations may see a significant increase in privacy-related third-party claims.”
“Continued market weakness will test underwriting discipline and favor product differentiation,” said Shawn Ram, chief revenue officer at Coalition.
“The soft network market is likely to persist into 2026, with falling interest rates and aggressive pricing strategies intensifying competition. Even as operators chase growth, underwriters need to remain alert to ongoing aggregate risk and systemic tail risks that discounted premiums may mask.
“As core policy terminology converges, price and coverage will no longer individually define competitive advantage. Instead, differentiation will shift to value-added capabilities: stronger security enhancements, richer intelligence and more sophisticated breach response services that directly help policyholders reduce risk.
“In 2026, softer markets will reveal which carriers have the underwriting rigor needed for sustainable growth without sacrificing profitability. Carriers that rely too much on ad hoc claims trends will face greater volatility if cyber incidents increase or change in severity. The long-term stability of the market will depend on rigorous assessments and carefully calibrated models, rather than short-term fee reductions.”
Kyle Bryant, international director at Coalition, concluded: “Aggregation of supply chain risks will drive insurers to expand cyber protection.
“The cyber insurance industry’s focus on single-supplier outages obscures a larger systemic threat: customer aggregation risk. Incidents such as the Jaguar Land Rover (JLR) attack demonstrate how exposed downstream suppliers are; when a small manufacturer’s primary buyer is disrupted sufficiently to trigger government intervention, they suffer significant financial losses.
“Current policies rarely address the financial losses suppliers suffer when critical customers experience a cyber incident and orders suddenly come to a halt. Relying on suppliers to buy their own limited insurance has proven to be both inadequate and unsustainable.
“By 2026, growing concerns about customer aggregation risks will prompt insurers to broaden policy boundaries and introduce clearer protections for disruptions to dependent customers, reshape how cyber policy addresses connected supply chains, and reset expectations for unexpected cyber risk transfers.”