Biba 2026: Cyber insurers are becoming the industry’s ‘swat team’ as ransomware threats escalate - Insurance Times
Insurance Times
Archived May 19, 2026
✓ Full text saved
Biba 2026: Cyber insurers are becoming the industry’s ‘swat team’ as ransomware threats escalate Insurance Times
Full text archived locally
OK
Skip to main content
Skip to navigation
NEWS
Biba 2026: Cyber insurers are becoming the industry’s ‘swat team’ as ransomware threats escalate
By Iris Hakaj19 May 2026
No comments
’There is no emergency service for cyber incidents. You can’t call 999 and someone is going to turn up to help you to fix it,’ says head of claims and incident management
Cyber insurers are increasingly positioning themselves not simply as indemnity providers, but as frontline crisis responders capable of getting businesses back online within days after devastating cyber attacks.
Read: Biba 2026 – Insurance firms risk becoming ‘irrelevant’ without stronger cyber propositions
Read: Lloyd’s working to deliver greater clarity on cyber cover
Not subscribed? Become a subscriber and access our premium content
Explore more cyber-related content here, or discover other news stories here
That shift was brought into sharp focus during a cyber insurance seminar at the 2026 Biba Conference, where panellists argued that the real value of cyber cover now lies in the operational expertise insurers can deploy during a crisis.
The discussion was underpinned by a first hand account from Josh Barnsdale, UK insurance and technology leader at One Call Insurance, whose business suffered a ransomware attack five years ago.
The attack left systems across the organisation unusable, disrupting operations for a business servicing around 800,000 customers.
“I want you to imagine walking into your business and every single computer in your business is unusable,” Barnsdale said.
“And what would you normally do? Well, you go and contact your IT team and you say, please, can you sort this? But the thing is, the IT team don’t have any computers at work as well.”
Barnsdale described the experience as both operationally crippling and emotionally draining, with staff unable to work and customers unable to access core services such as policy amendments and renewals.
The business had only taken out cyber insurance that year after previously reviewing the product for some time.
According to Barnsdale, the insurer’s response capability proved critical. Specialist teams worked around the clock to help rebuild infrastructure, coordinate legal and communications support and restore operations.
“We had to rebuild our infrastructure, which we had to do from scratch completely,” he said.
“We were able to spin up and get online within 72 hours.”
Barnsdale added that sourcing the same expertise independently would likely have taken weeks or months due to procurement and contracting delays.
“You know what it’s like just to create a contract these days,” he said.
“We’d be looking at weeks or months to get that technical support in.”
Swat team of experts
The panel repeatedly returned to how cyber insurance is evolving into a broader resilience and incident response proposition, particularly for SMEs lacking in house cyber expertise.
Read: Biba 2026 – McLarens warns of cyber-physical BI gaps and data centre exposures
Read: Biba 2026 – Evolving AI capabilities present both cyber risks and opportunities
Explore more cyber-related content here, or discover other news stories here
Helen Nuttall, head of claims and incident management in the UK at Marsh, said many businesses underestimate both the operational and psychological impact of cyber incidents until they experience one themselves.
“There is no emergency service for cyber incidents. You can’t call 999 and someone is going to turn up to help you to fix it.”
Nuttall described cyber insurance as “as close as you’re going to get to have a swat team of experts” capable of parachuting into businesses during a crisis.
She added that the speed of intervention can determine whether a business survives an attack, noting that while some ransomware recovery efforts drag on for months, rapid specialist support can significantly reduce downtime.
“We’ll see events that that can drag on for weeks, if not months, in terms of the recovery process,” she said.
Education
Lindsey Maher, head of global cyber development at CFC, said the market still faced a major education challenge around the role cyber insurance now plays.
Maher noted that more than 90% of the 3,000 plus cyber claims handled by CFC last year involved businesses with turnovers below £50m, challenging the perception that smaller firms are unlikely to be targeted.
“Our experience is actually completely the opposite,” she said.
Maher added that SMEs were often targeted because they were “vulnerable, rather than valuable”.
She argued that insurers are increasingly differentiating themselves through proactive monitoring and incident response services, rather than solely through claims payments.
She said: “It’s not who you’re going to call when something happens, it’s now who’s going to call you and tell you that it happened.”
Maher also pointed to a significant difference in recovery timelines between insured and uninsured businesses following ransomware incidents.
“The average downtime for ransomware attack with experts, with instant response specialists’ average downtime is two to three days,” she said.
“Without cyber insurance or without the experts that come with cyber insurance, that is two to three months.”
Iris Hakaj
Follow
Iris is a reporter at Insurance Times, where she is building her expertise in the insurance sector while developing a strong understanding of the industry.
With a background in local journalism, she has previously worked as a freelance reporter covering community stories and gaining valuable on the ground experience.
View full Profile
MORE IRIS HAKAJ
Marsh Risk appoints new UK chief claims officer
Video: A look back at Biba 2026
Biba 2026: Commercial insurance is too complex to automate but AI can still transform it
Topics
BIBACyberInsurersNews
No comments
READ THE FULL REPORT
Register for free and gain access to more award-winning coverage by Insurance Times
If you are already registered, please . Alternatively, you can request a free trial.
RELATED ARTICLES
Biba 2026: Biba welcomes government’s new Enhancing Financial Services Bill
14 May 2026
By James Cowen
Biba 2026: Intact eyes new commercial lines ‘opportunities’ in eTrade – Becky Henry
14 May 2026
By Harriet Scott
Biba 2026: SSP targeting growth through new M&A strategy
14 May 2026
By George McDade
Biba 2026: Biba launches new cyber insurance directory
13 May 2026
Biba 2026: Government introduces new Enhancing Financial Services Bill
13 May 2026
By James Cowen
Marsh Risk appoints new UK chief claims officer
19 May 2026
By Iris Hakaj
LOAD MORE ARTICLES
MORE NEWS
Markel and Willis launch major facility to provide capacity for nuclear facilities
19 May 2026
By James Cowen
Insurance Times publishes new UK product liability report in association with Arch
19 May 2026
By Savan Shah
Biba 2026: Ben Wallace warns insurers cyber resilience is ‘more important, not less important’
18 May 2026
Biba 2026: AI developments reinforcing the need for preventative cyber insurance
18 May 2026
By George McDade
Aviva promotes for new commercial lines chief underwriting officer
18 May 2026
By James Cowen
Biba 2026: Gallagher’s retail restructure opens the door to new talent – Nick Harris
18 May 2026
By Katie Scott
LOAD MORE ARTICLES
NO COMMENTS YET
You're not signed in.
Only registered users can comment on this article.
KEEP INFORMED
ABOUT USCONTACTSTERMS & CONDITIONSPRIVACYCONTRIBUTORSMEDIA PACKADCHOICESCOOKIESSUBSCRIBEFAQFEEDBACK© INSURANCE TIMES 2026
Part of the Insurance and Risk group of Newsquest Specialist Media
Published by Newsquest Media Group Limited,
registered in England & Wales with number 01676637
at The Echo Building, 18 Albert Road, Bournemouth,
England, BH1 1BZ - a USA Today company
Site powered by Webvision Cloud