Small and medium enterprises (SMEs) are more likely to buy cyber insurance because of professional advice or perceived risks such as AI, rather than because the company has been a victim of a cyberattack. As the market becomes more preventative, specialized cyber policies may reduce the barrier to entry and help provide adequate protection for SMEs, finds GlobalData, a leading intelligence and productivity platform.

According to GlobalData’s 2025 SME Survey*, professional advice is the most important driver prompting global SMEs to take out a cyber insurance policy. Being advised by a broker is the single most important factor (39%), while receiving advice from financial advisors was cited by 33.8% of respondents. However, SMEs are also wary about the increased risks posed by AI adoption, citing this as the second most important consideration (35.8%).  

Beatriz Benito, Lead Insurance Analyst, GlobalData, comments: “The rapid spread of AI and its integration across all industries is making SMEs feel uneasy and anxious about the technology, perceiving that it may pose significant risk. Given that many standard cyber policies do not mention AI cover, there could be a gap between what clients expect from their policy and what it actually covers.”

Typically, standard cyber policies exclude losses related to a business’s own AI tool producing erroneous outputs (such as quoting the wrong information in a chatbot) or litigations arising from biased data from AI-derived algorithms. In contrast, cyber insurance policies commonly cover losses from AI-powered hackers.

Benito adds: “Brokers and financial advisors are uniquely positioned to assess clients’ risks and needs and match them to products that meet their requirements. For clients seeking protection against AI risks, they should consider offering cyber insurance policies with add-ons that explicitly cover AI-related incidents; otherwise, they should offer them specialist policies alongside cyber insurance.”

With a growing emphasis on prevention, SMEs are increasingly citing professional advice as a reason for purchasing cyber insurance. External factors, such as media reports, are also exerting a stronger influence on purchasing behavior. Such factors now play a stronger influence than SMEs having fallen victim of a cyberattack (27.7%) or one of their competitor’s (26%) having gone through this.

Benito concludes: “While this shift makes businesses safer, SMEs may not always be able to afford the cost of a policy, or the technology (such as software upgrades) required by insurers. Given the high barrier to entry for SMEs, insurers should focus on developing policies covering just the risks that are most common to such businesses.”

*GlobalData’s 2025 SME Survey was carried out via an online panel, with 2,054 SMEs surveyed across 14 countries