Predictions 2026: Cowbell Identifies Key Risks & Trends

Still hungry for more Predictions 2026? We are at IE, so here are some useful points from Cowbell;

1. Data is the new hostage, while system failures and supply chain attacks rise 

• Expect attackers to pivot from locking systems to stealing sensitive data, creating longer, costlier recoveries.
• Both system failures and supply chain attacks are growing, hitting business operations where it hurts.
• As more SMEs become digitally dependent on outsourced IT infrastructure, large-scale outages and attacks will become more common.
• Claud Bilboa, RVP Underwriting & Distribution at Cowbell says: “This year, we are still largely seeing the same types of attacks although threat actors tactics are evolving. We’ve continued to see a huge amount of ransomware, for example, although we’ve started seeing trends more towards data theft than full system encryption as threat actors recognise the value in PII – and expect this to continue into 2026. This pivot to data theft still carries a great deal of severity from a cost perspective and can also take years to conclude due to the time it typically takes to settle these matters with individuals and regulators. We are also seeing an increase in non malicious cyber events (system failure events).”

2. AI continues to change the game, while attackers become “quantum-aware”

• Attackers are adopting forward-looking tech, using AI to up their game and testing quantum-aware encryption for a post-quantum future.
• Kirsten Maley, Director of Claims, UK at Cowbell explains: “As AI becomes more accessible, the barriers to entry for attackers are falling, and we’re already seeing threat actors evolve their tactics as a result. Because of this, in 2026 I expect a clear rise in cyber crime and BEC, alongside more AI-driven activity as adversaries continue to grow in sophistication.”
• Simon Hughes, SVP Global Distribution & GM UK at Cowbell adds: “Deepfakes and generative AI have made phishing far more convincing and much easier to do. We’ve seen CFOs approve payments based on voice-cloned messages or synthetic emails. There are also early signs of quantum-aware encryption testing, as threat actors prepare for the post-quantum era.”

3. Some sectors will remain irresistible to hackers

• Manufacturing, healthcare, public sector, retail, and education are currently – and will continue to be – top targets.
• Claud Bilboa, RVP Underwriting & Distribution at Cowbell says: “For a number of reasons, some of these sectors suffer from underinvestment and also have legacy and out of date systems within their IT / OT estates. They are popular targets owing either to the operational impact a cyber incident has on their business operations, the manufacturing sector is a great example of this, or the fact that they hold lots of very sensitive information which is lucrative in the hands of threat actors. ”
• Simon Hughes, SVP Global Distribution & GM UK at Cowbell adds: “Alongside the usual targets, the education sector is becoming increasingly exposed due to outdated systems and low cyber maturity, as well as Security as a service vendors. As outsourced IT dependency grows, these tech firms have become a “gateway” into larger enterprises.”

4. Prevention tactics will continue to evolve

• As cyber attack tactics evolve, so are prevention tactics, with wider adoption of AI policies and shadow AI monitoring within businesses expected in 2026.
• Claud Bilboa, RVP Underwriting & Distribution at Cowbell says: “Prevention is not a static topic, like many things in cyber it is constantly evolving. As such, my message to business leaders is ‘It’s not if but when’. Invest in key controls, policies and procedures so that when you are faced with a cyber attack you are in the very best position possible to navigate through it. Cyber insurance plays a pivotal role in this too. Assessing what cyber security tools you use along with further developing your policies and procedures is something that should be addressed at least annually. In 2026 we may start to see a wider adoption of AI policies amongst businesses as they look to implement the use of AI within their own businesses. They too will need to consider the risks that this comes with, these could be privacy risks or the risk of shadow AI within their businesses.”

5. The insurance industry is reacting and growing at speed

• The cyber market is going to continue growing at great speed over 2026, with  insurers responding to rising cyber threats with hardened controls, an abundance of pre and post incident services, and clearer cover.
• Simon Hughes, SVP Global Distribution & GM UK at Cowbell says: “Insurers are evolving from pure risk transfer to risk partnership. At Cowbell, for example, we’re embedding continuous risk assessment, offering policyholders real-time visibility of their cyber posture through data-driven tools. The underwriting approach has become more dynamic: coverage, limits, and conditions reflect a company’s live cyber hygiene rather than a static questionnaire. We’re also seeing growth in incident response readiness services being bundled into policies, so the support starts before a breach ever happens.

6. Regulatory outlook still in the air

• Partial bans on ransom payments and mandatory reporting likely in the UK.
• Kirsten Maley, Director of Claims, UK states: “The UK is at a crossroads at the moment and we are likely to get far more clarification over 2026. Right now, the government is looking into a partial ban of ransom payments, which would apply to the Public Sectors and Critical National Infrastructure (CNI). In addition, they are also considering mandatory ransom reporting. But I suspect there may also be some developments around AI.”