Bridging the Cyber Insurance Gap Between Brokers and SMEs

Understanding cyber insurance buying habits is key to advising companies on cyber risk solutions. A number of high-profile UK cyber attacks in 2025 put cyber risk firmly on the corporate agenda, but recent research into British small and mid-market companies by Coalition has shown a worrying gap between companies understanding that they are at risk and their approach to mitigating it.

This is reflected in the type of cyber insurance they purchase. Coalition recently surveyed 600 cyber insurance decision makers at small and midsize enterprises (SMEs) with between £1 million and £500 million turnover. While 73% of respondents said they had experienced a business-impacting cyber incident in the last five years, just 52% said they have a standalone cyber insurance policy.

Standalone cyber insurance often overlooked in favour of general coverage

One of the most worrying trends the research revealed is that a significant proportion of companies have moved away from standalone cyber policies, with many expecting cyber coverage to be provided as part of their standard P&C package policies. 35% of respondents said that they have had a standalone cyber policy in the past three years but no longer have one. Of those who decided against buying a standalone cyber policy, 34% said they felt they already had sufficient coverage from their general insurance policy and a quarter said they could afford to self-insure.

A move toward reliance on cyber protection from general coverage policy is cause for concern as long as the number of cyber incidents continues to increase. Despite elevated awareness of cyber risk, driven by the high profile cyber attacks in 2025, Coalition’s data suggests a potential misplaced confidence in general coverage that could lead to gaps if and when it comes time to make a claim. When clients choose a route other than standalone cyber coverage, the onus then falls on brokers to ensure that their clients understand where they may not be covered and the scope of the costs they could then be sourcing from their own funds.

Our results show that many SMEs shifted their insurance priorities away from cyber insurance cover during the hard cyber market and have not returned since the market has improved its offering.

Broker advisory is essential to closing the cyber coverage gap

Only 27% of standalone cyber policy buyers cited a broker recommendation as having influenced their decision to buy. Among respondents who said they don’t have a standalone cyber policy, 99% said their broker had discussed it with them, but nearly half had decided against it. 

These figures speak to the willingness of brokers to discuss cyber risk with clients, but suggest that there is still a large contingent who are not cyber specialists and would benefit from more education and support from their insurers and MGA partners.

Looking  at regional variations, broker recommendations were valued more often for buyers in the Midlands (37%), followed by London (33%) and Scotland (31%). Welsh buyers were the least likely to have cited broker recommendation as most influential in their decision to buy standalone cyber coverage (17%). In Wales, 39% cited seeing the impact of cyber attacks on other companies as the most likely deciding factor.

In terms of company turnover, SMEs in the £11 million to £100 million bracket were most likely to cite broker recommendations as influencing their decision to buy standalone cyber cover (30%), while only a quarter (24%) of those at the lower and upper end of the turnover scale said the same. This is less an issue of trust but more likely that other factors tend to have stronger influence over these decisions at both smaller and larger companies.

Coalition’s business development team works closely with brokers day-to-day, and for those who aren’t cyber specialists, building up confidence in their cyber advisory capabilities is critical. As well as the advisory tools we offer at Coalition, such as personalised Cyber Risk Assessments, our business development team is on hand to help brokers, and we run monthly webinars on advisory and sales topics to provide tips and support.

The cost/coverage fallacy

We often talk about how overcoming client objections to cyber insurance and successfully countering them can be key to buyers taking up broker recommendations.

Cost continues to be a hot objection, despite the soft market reducing premiums for many companies. For those who said they are not covered by a standalone cyber insurance policy, 19% said cyber insurance was too expensive, and 35% said they felt the risk didn’t outweigh the cost.

Buyers surveyed at the largest companies (£100 million to £500 million) were the most likely to think standalone cyber insurance is too expensive (50%), whereas only 14% at the smaller companies said the same. However, 50% of respondents at smaller companies said they felt the risk doesn’t outweigh the cost versus 44% of larger companies.

Of all respondents who decided against standalone cyber cover, despite recommendations from their brokers, around a third felt their company was unlikely to suffer a cyber incident. 74% of all respondents said that if they did suffer an attack, they would cover the cost of it themselves. 

When asked to estimate the cost of an attack including a data breach, ransomware event, or third-party breach, less than 10% of respondents thought the cost would amount to more than £1 million pounds, with most estimating amounts up to £500,000.

Coalition provides tools for brokers to demonstrate potential financial losses to clients, including a claims calculator in the Broker Platform and a Financial Risk Calculator in Coalition Control®.

Where do we go from here?

There are positive signs that the desire for standalone cyber cover is making a comeback. During 2025, it’s been difficult to avoid seeing the true consequences of a cyber attack, with big brands and high-profile companies hit with disrupted operations and large recovery bills. Our survey has revealed that these events are now spurring decision makers into action, with 30% saying it has encouraged them to review their cyber insurance coverage or request standalone cyber insurance quotes.

The volume and visibility of 2025 cyber attacks appears to have spurred all our respondents into some form of action, whether it be reviewing their cyber insurance coverage, creating an incident response plan, implementing employee security training, or adding cybersecurity to the management agenda. 

Brokers now have the opportunity to harness this action and demonstrate to insurance buyers how a standalone cyber policy better aligns with their goals for protecting their company from cyber risk. Standalone cyber products such as Coalition’s Active Cyber Insurance provide tangible value that goes beyond coverage, with cyber risk management and security tools and services.

Watch our webinar for more research insights

Watch the webinar on-demand

This blog post is designed to provide general information on the topic presented and is not intended to construe or render legal or other professional services of any kind. If legal or other professional advice is required, the services of a professional should be sought. The views and opinions expressed as part of this blog post do not necessarily state or reflect those of Coalition. Neither Coalition nor any of its employees make any warranty of any kind, express or implied, or assume any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, product, or process disclosed. Any action you take upon the information contained herein is strictly at your own risk. Coalition and its affiliates will not be liable for any losses and damages in connection with your use or reliance upon the information. The blog post may include links to other third-party websites. These links are provided as a convenience only. Coalition does not endorse, have control over, nor assumes responsibility or liability for the content, privacy policy, or practices of any such third-party websites.

Copyright © 2025. All rights reserved. Coalition and the Coalition logo are trademarks of Coalition, Inc.