The Cyber Industry Steering Group was created to help the industry better navigate the dynamic cyber risk landscape, manage cyber accumulations with increased confidence, and deepen the market's understanding of systemic risks and tail exposures.
This group believes that by advancing the industry’s understanding and quantification of cyber risk, this will help to attract capacity and support the market’s growth.
This group is conducting important primary research, developing improved cyber risk assessment tools, and leading a series of market education initiatives.
The NetDiligence Cyber Risk Summit convenes cyber insurance, legal, and security professionals for focused discussion on coverage, compliance, claims trends, and the evolving legal and regulatory environment. Featuring more than 100 speakers from cyber insurance, data security technology, and data breach law, the programme explores sector‑specific risks, loss experience, emerging threats, and practical risk management challenges. The Summit combines expert‑led panels with extensive networking opportunities in the heart of San Diego.
May 19th - 20th, 2026
Moody’s Exceedance 2026 features a focused cyber agenda within a broader programme for property, casualty, and specialty insurance professionals. Across six cyber breakout sessions and a technical workshop, Moody’s will explore Cyber Solutions Version 10, Cyber Modeler on the Intelligent Risk Platform, catastrophic cyber event scenarios, exposure management practice, Moody’s and Bitsight innovation, targeted attacks, malicious cloud, and single-point-of-failure modeling. The wider event also includes keynotes, demos, workshops, and sessions across catastrophe modeling, underwriting, portfolio management, and emerging areas of insured risk.
June 1st - 4th, 2026
The NetDiligence® Cyber Risk Summit in Philadelphia is attended by cyber insurance, legal/regulatory, and technology leaders from all over the globe. A premier education and networking event, this conference features three days of workshops and panel discussions by leading cyber experts who share their insights on hot topics, trends, and cybersecurity concerns. Connect with leaders in cyber risk and privacy liability and learn from their experiences on current and emerging concerns in the ever-changing cyber landscape.
October 5th - 7th, 2026
Ascot’s Cyber and Professional Liability Insurance Solutions are created to protect against evolving cyber exposures and business threats facing today’s organizations. We provide a variety of innovative pre-breach tools and solutions, with access to Ascot’s partnership, including world-class breach response providers.
The AXIS Cyber team underwrites primary and excess cyber insurance globally. With extensive insurance and cyber security knowledge, we offer underwriting expertise, supported by elevated risk advisory and education resources, product offerings, and claims handling.
Bitsight is the leading provider of cyber risk intelligence to the cyber insurance market, with more than 50% of global GWP underwritten by Bitsight customers. From internet-scale scanning and cyber performance metrics to threat intelligence across the deep, dark and open web, Bitsight is transforming how (re)insurers price, underwrite, and manage cyber risk.
Gallagher Re is a full-service global reinsurance broking and advisory firm operating across the risk and capital spectrum. By combining analytics capabilities with reinsurance expertise, strategic advisory services and transactional excellence, we help clients drive greater value from their businesses, negotiate optimum terms and achieve their risk transfer objectives.
Moody’s is a leader in delivering consistent cyber insurance risk quantification, with deep insights into both frequent and severe cyber risks. Our cyber risk modeling capabilities can help reinsurers capture tail risk, diversify portfolios, and make more informed strategic decisions.
Munich Re is one of the world’s leading cyber (re)insurers, committed to shaping a sustainable and profitable cyber insurance market. For the benefit of our clients and the industry, we continue to significantly invest in multidisciplinary expertise and in advancing our own models and cyber threat intelligence. We collaborate with industry partners to continuously better understand and manage cyber risks, ensure state-of-the-art and fit for purpose accumulation modelling and providing transparent wording and robust risk assessment.
The world in 2026 is characterised by geopolitical tensions, armed conflicts and wars, fierce competition in future-oriented industries, and a cyber threat landscape that requires decisive risk management. Cyber risks – whether from malicious attacks or non-malicious incidents – can threaten companies’ very existence and have massive impacts on third parties, even extending to whole economies and societies.
The fourth edition of Munich Re’s “Global Cyber Risk and Insurance Survey” shows that cyber resilience is widely recognized by decision-makers as a strategic corporate priority. The results and findings underline the strong potential for cyber insurance moving forward.
Smart systems, blind spots: Rethinking insurance for the AI era, written in association with MIT and Testudo, explores how the rapid deployment of artificial intelligence (AI) has outpaced the insurance market's ability to address the unique risks it introduces. As organizations integrate generative and non-generative AI into customer interactions, decision-making and core operations, they may inadvertently expose themselves to a class of AI-native liabilities that traditional insurance policies may not fully recognize or respond to.
As our economies become ever-more digitally interconnected, the (re)insurance industry faces a new and significant challenge: cyber risk. Comparable in importance to traditional property catastrophe risks, cyber risk has emerged as a key driver of volatility and capital strain. The rapid growth of the cyber insurance market has brought with it the need for innovative solutions to protect against extreme cyber tail events.
Bitsight Threat Intelligence reveals that attackers are increasingly targeting third-party vendors as force multipliers to scale access across supply chains. By exploiting long-standing, widely known vulnerabilities in shared infrastructure and vendor environments, threat actors can extend compromises far beyond a single organization. Analysis of more than 8.4 million threat-intelligence artifacts shows that attackers consistently favor vulnerabilities that enable downstream access, lateral movement, and credential exposure across trusted relationships.
The Amazon Web Services (AWS) cloud outage at its US-East-1 region, which emerged in the early hours Eastern Time (ET) on Monday, October 20, had widespread and sudden consequences for companies and organizations increasingly reliant on their cloud services. Afsar Ali looks at analysis using Moody's Cyber Solutions Version 9.0 to estimate potential U.S. cyber insurance losses.
Bitsight TRACE research highlights an overlooked but high-scale attack vector: subscribed digital calendars. Threat actors can abuse third-party calendar subscriptions to push malicious events containing URLs or attachments, often without user awareness. The risk is not a platform vulnerability, but the exposure created when calendar subscriptions rely on expired or hijacked third-party domains that can be weaponized for large-scale social engineering.
Bitsight’s latest Threat Intelligence Briefing explores how cybercrime has evolved into a mature, service-based underground economy. The research uncovers a growing reliance on Malware-as-a-Service (MaaS), Remote Access Trojans (RATs), and stealer ecosystems that mirror legitimate business models. These developments are fueling faster, more scalable attacks across critical industries like healthcare, technology, and finance.
Bitsight TRACE research reveals that financial institutions operate within one of the most complex digital supply chains of any industry. While the sector leads in cybersecurity maturity and third-party monitoring, the majority of its supplier ecosystem remains unseen. With over 1.6 million third-party technology relationships identified, hidden dependencies and unmonitored vendors are introducing material cyber risk across the global financial system.
The healthcare sector remains one of the most targeted industries for cyber attacks, driven by the high value of sensitive patient data, the rise of AI-driven systems, and the critical nature of healthcare operations. Bitsight Threat Intelligence has observed a significant uptick in both financially motivated and state-sponsored activity against healthcare networks, with ransomware, data breaches, and nation-state espionage leading the charge.
The latest survey reveals that issuers are facing increased dangers as AI tools become embedded in business operations — and weak AI governance poses growing risk of data breaches.
With the Asia-Pacific cyber insurance market is rapidly evolving, a diverse group of stakeholders, including representatives from leading insurance companies, technology firms, regulatory bodies, and cybersecurity experts, recently gathered at Gallagher Re’s Asia Cyber Conference 2025, sponsored by Moody's. Harry Lawrence and Mila Stevanic explore the issues and trends discussed at the conference.
As cyber risk continues to escalate in scale and complexity, to help the growing cyber insurance market understand the risk in its broadest sense, Moody’s is proud to announce a major milestone in our cyber modeling capabilities. Reflecting the deepening strategic partnership between Moody’s and Bitsight, Joe Melly and Michael Hoffman introduce the release of Moody’s RMS Cyber Solutions Version 9.0.
In our latest research at Bitsight TRACE, we found over 40,000 open, publicly accessible network cameras, streaming live footage from offices, factories, medical facilities, and even private homes. We first raised the alarm in 2023, and based on this latest study, the situation hasn’t improved.
As cyber threats are becoming more advanced, cyber insurers face more challenges. Gallagher Re explore how cyber development patterns are continuously changing.
Key stressors in our highly dynamic cyber landscape include supply chain dependencies, the effects of geopolitical conflicts and the increasing sophistication of cyber threat actors – the culmination of which is the capacity to heavily impact economies and societies.
Interested in learning more about our offerings? Our solutions specialists are ready to help.
