Cyber Premiums Are Going Up Because Attack Costs Just Went Down
If your client's cyber policy was underwritten before Q4 2025, it was priced for a world where running a cyber attack cost something. That world is over. Anthropic disclosed in November 2025 that a Chinese state-sponsored group ran 80 to 90 percent of its tactical operations through Claude Code with minimal human input, hitting roughly 30 Western targets. Munich Re warned in March 2026 that agentic-AI attacks will pressure claim frequency. S&P already forecasts a 15 to 20 percent cyber premium increase for 2026. The renewal conversation needs to catch up.
What Anthropic Disclosed Changes the Underwriting Model
On November 13, 2025, Anthropic published its disruption of a Chinese state-sponsored threat actor it tracks as GTG-1002. The group used Claude Code to orchestrate the first reported AI-autonomous cyber-espionage campaign. Targets included tech companies, chemical manufacturers, financial institutions, and government agencies across multiple countries. Roughly four breaches succeeded. The success rate is not what matters. The cost curve is.
Before this disclosure, a serious cyber-espionage campaign required a team of skilled operators spending months on reconnaissance and exploitation work, with lateral movement on top of that. GTG-1002 compressed the same operation to the speed of AI inference, with a small human crew steering. Anthropic estimated Claude executed 80 to 90 percent of the tactical work autonomously, at request rates a human team could not match. Underwriting that assumes attack effort is proportional to attack sophistication no longer holds.
Mythos Preview and the Expanding Attack Surface
Five months later, Anthropic released a limited preview of its Claude Mythos model, which autonomously identified thousands of high-severity vulnerabilities across major operating systems and browsers. The findings included a 27-year-old OpenBSD bug and a 16-year-old FFmpeg vulnerability that traditional fuzzing tools had hit five million times without catching. Mythos is restricted to Project Glasswing partners, but the capability sets a ceiling that adversary agents will trend toward. When they do, the exploitable attack surface widens dramatically.
Munich Re Already Moved
On March 26, 2026, Munich Re warned that agentic-AI cyberattacks will increase claim frequency before they increase severity. That framing matters. Higher severity lands on a single policy. Higher frequency lands on the portfolio. When the biggest cyber reinsurer tells its cedents to expect frequency pressure, that's a signal to every carrier downstream to revisit loss pick assumptions. Cedents that ignore it will reprice reactively after 2026 loss runs come in.
Why Your Client's Premium Will Rise
S&P Global Ratings forecasts a 15 to 20 percent cyber premium increase in 2026, with healthcare and financial services already running about 50 percent above market average. Coalition's 2026 Cyber Claims Report shows initial ransom demands jumped 47 percent year over year in 2025, even though a record 86 percent of businesses refused to pay. The spread between demand and collection tells you attackers are running more plays at lower cost because they can afford more misses.
BEC and funds-transfer fraud together account for 58 percent of cyber incidents in the Coalition book. These are the attack types that scale best with agentic AI. High volume with low per-incident effort. Psychological manipulation that sidesteps most technical controls. Exactly the profile autonomous agents are good at running.
The Counter-Argument
A reasonable pushback: defenders get AI too. Major security vendors are deploying detection models trained on attack telemetry, and the March 2026 Cyber Strategy for America explicitly commits the US government to agentic AI for network defense and disruption. If defensive automation scales at the same pace, the frequency shock could be a blip rather than a permanent repricing.
What that argument misses is the timing asymmetry. Attack agents operate outside governance frameworks. Defense agents sit inside enterprise IT procurement cycles and regulatory review. Your mid-market manufacturing client isn't deploying a SOC agent in 2026. Your Fortune 500 client might be, slowly. The gap between attacker capability and defender deployment is where the claims land, and that gap widens first.
What to Do at the Next Renewal
Pull agentic AI into the renewal conversation in two places. First, ask your underwriter how they're treating the frequency assumption shift in 2026 renewals. If the answer is "same as last year," you're talking to a carrier about to misprice, and you should find out which of your other markets has already moved. Second, reopen the controls discussion with the client. BEC playbooks got refreshed for AI-enabled impersonation about 18 months too late. Controls like DMARC enforcement and out-of-band wire verification matter more now than they did in the 2024 supplemental.
The other move is margin protection. Brokers who explain the frequency shift first and raise the premium conversation before the carrier does will keep the account. Brokers who get blindsided by a double-digit increase at renewal will not.