Professional advice and anxiety around new technology, especially AI, now sit at the centre of cyber insurance purchasing decisions among SMEs, according to a recent survey by GlobalData.
As cyber insurance shifts toward prevention, more specialised policies look set to lower entry barriers and improve protection for smaller businesses.
GlobalData’s 2025 SME Survey shows professional advice as the strongest trigger pushing SMEs toward cyber cover. Broker guidance ranked first, cited by 39% of respondents.
Advice from financial advisers followed at 33.8%. Fear tied to AI adoption came next, with 35.8% pointing to rising exposure linked to new technology.
AI unease runs deep. SMEs increasingly view rapid AI rollout across industries as a source of risk rather than comfort. Many expect cyber policies to respond to AI-related losses. Often, they don’t.
Standard cyber policies typically exclude losses caused by a company’s own AI tools producing faulty outputs, think incorrect chatbot responses or flawed automated decisions. Litigation linked to biased or skewed AI training data often sits outside cover as well. At the same time, most cyber policies do cover attacks carried out using AI-driven hacking tools. The mismatch leaves room for disappointment after a claim.
Brokers and financial advisers sit in a strong position here. They assess risk, decode policy language, and steer clients toward coverage that fits.
For SMEs worried about AI exposure, advisers increasingly point toward cyber policies with explicit AI add-ons or separate specialist covers layered alongside standard cyber insurance.
The survey also shows a shift in motivation. External advice and broader risk awareness now outweigh direct experience. Only 27.7% of SMEs cited their own cyber incident as a trigger for buying insurance. Another 26% pointed to a competitor suffering an attack. Prevention, not reaction, now drives behaviour.
That shift improves resilience. It doesn’t solve affordability.
Many SMEs struggle with policy costs or with meeting insurer requirements such as upgraded software or security controls.
According to Beinsure, insurers face pressure to simplify. Cover fewer risks. Focus on the ones SMEs face most often.
Narrower, targeted cyber policies won’t remove risk. They might make protection realistic for businesses currently priced out or confused by coverage gaps.
