Cyber insurer Cowbell anticipates a significant increase in data theft, AI-driven scams, and supply chain cyber incidents affecting UK businesses by 2026. The company’s leadership outlined its perspective on evolving cyber threats, preventive measures, and changes in the insurance landscape, reflecting trends that have emerged over the past year.
In its forecast, Cowbell highlights a shift in focus among cyber attackers from system encryption to stealing sensitive data, particularly personally identifiable information (PII). “This year, we are still largely seeing the same types of attacks although threat actors’ tactics are evolving. We’ve continued to see a huge amount of ransomware, for example, although we’ve started seeing trends more towards data theft than full system encryption as threat actors recognize the value in PII – and expect this to continue into 2026,” said Claud Bilboa, RVP Underwriting & Distribution at Cowbell. He warned that this pivot could escalate the financial and operational fallout from incidents.
Bilboa noted, “This pivot to data theft still carries a great deal of severity from a cost perspective and can also take years to conclude due to the time it typically takes to settle these matters with individuals and regulators.” The firm expects that incidents related to system failures and supply chains will grow as small and mid-sized enterprises increasingly depend on digital infrastructure and outsourced IT services.
Looking ahead, Cowbell anticipates that criminal groups will leverage artificial intelligence more extensively by 2026, utilizing generative AI tools to personalize scams and enhance social engineering efforts. “As AI becomes more accessible, the barriers to entry for attackers are falling, and we’re already seeing threat actors evolve their tactics as a result,” explained Kirsten Maley, Director of Claims for the UK at Cowbell. She expects a notable rise in cyber crimes and business email compromise (BEC) as adversaries become more sophisticated.
Among the emerging trends, Simon Hughes, SVP Global Distribution & GM UK at Cowbell, highlighted the impact of deepfakes and AI-generated content on fraud patterns. “Deepfakes and generative AI have made phishing far more convincing and much easier to do. We’ve seen CFOs approve payments based on voice-cloned messages or synthetic emails,” he stated, adding that there are early signs of quantum-aware encryption testing as threat actors prepare for the post-quantum computing landscape.
Cowbell identifies several sectors—including manufacturing, healthcare, public sector, retail, and education—as likely targets in the coming year. Factors such as outdated technology, low cyber maturity, and the operational impact of breaches make these industries particularly vulnerable. Bilboa explained, “Some of these sectors suffer from underinvestment and also have legacy and out of date systems within their IT/OT estates. They are popular targets owing either to the operational impact a cyber incident has on their business operations or the sensitive information they hold that is lucrative for threat actors.”
Hughes added that the education sector and outsourced IT providers are increasingly at risk. “The education sector is becoming increasingly exposed due to outdated systems and low cyber maturity, as well as Security as a service vendors. As outsourced IT dependency grows, these tech firms have become a ‘gateway’ into larger enterprises,” he noted.
As cyber threats evolve, Cowbell expects organizations to adopt more sophisticated prevention measures that align with attacker tactics. Bilboa emphasized the importance of investing in key controls and policies, stating, “Prevention is not a static topic; it is constantly evolving. My message to business leaders is ‘It’s not if but when.’ Invest in key controls, policies and procedures so that when you are faced with a cyber attack, you are in the very best position possible to navigate through it.” He also forecasted that corporate governance of AI usage will become a standard discussion point.
In terms of the cyber insurance market, Cowbell predicts rapid expansion as demand increases and insurers adjust their underwriting practices to meet the complexities of frequent incidents. “Insurers are evolving from pure risk transfer to risk partnership. At Cowbell, for example, we’re embedding continuous risk assessment, offering policyholders real-time visibility of their cyber posture through data-driven tools,” Hughes explained. He mentioned that coverage and conditions will increasingly reflect a company’s live cyber hygiene rather than a static questionnaire, and that services for incident response readiness are likely to be bundled into policies.
Cowbell’s outlook also points to a changing regulatory environment in the UK concerning ransom payments and breach reporting, which is expected to become clearer over the next year. Maley noted, “The UK is at a crossroads at the moment and we are likely to get far more clarification over 2026. Right now, the government is looking into a partial ban of ransom payments, which would apply to the Public Sectors and Critical National Infrastructure.” Any new regulations will significantly influence both incident response strategies and insurance arrangements in the coming years.
See also
AI-Driven Automation Set to Transform Cybercrime Landscape by 2026, Warns Trend Micro
Parrot OS 7.0 Launches with Advanced AI Tools and New Penetration Testing Features
Parrot OS 7.0 Launches with AI Tools and Major System Overhaul Based on Debian 13
OpenAI Hires Preparedness Chief to Combat Rising Cyberattack Risks Amid AI Advances
AI-Driven Cyberattacks Surge as Organizations Face Growing Security Challenges
