Two of the world’s largest insurers looked at cyber insurance in 2026 and reached the same conclusion: we cannot build this internally.
Zurich paid $10.9 billion to own the answer. Allianz handed its entire standalone cyber book to a specialist MGA. These are opposite strategies driven by the same admission. And what they reveal about the difficulty of underwriting cyber risk is more important than either deal alone.
What Zurich Bought
The acquisition of Beazley was not impulsive. Zurich first approached Beazley in June 2025 and was rejected. Over the following nine months, Zurich returned with multiple offers. Beazley’s board rejected each one as undervaluing the company. The two sides finally agreed on $10.9 billion in early 2026. Shareholders approved in April with 99.9% in favor. Closing is expected in the second half of 2026.
What costs $10.9 billion?
Beazley was founded in 1986. It manages seven Lloyd’s syndicates and wrote $6.2 billion in gross premiums in 2024 across cyber, specialty, property, marine, aviation, and political risk. It has been profitable in every underwriting year for nearly four decades. Its combined operating ratio last year was 74.8%. That is an exceptionally well-run insurance company by any standard.
price for Beazley
premium book
ratio in 2024
Cyber is the reason for the price tag. Beazley’s cyber book, roughly $1.3 billion in premium, ranks at the top of global standalone cyber insurance. The company launched Beazley Breach Response in 2009, pioneering the model of bundling incident response services directly into the policy, years before the first cyber-focused MGA was founded. That approach has been widely copied across the industry. The breach response data from thousands of investigations per year feeds back into underwriting in a loop that takes a decade or more to replicate. Other carriers reference Beazley’s policy wordings when developing their own cyber products.
Zurich bought a forty-year underwriting track record, $1.3 billion in cyber premium, 17 years of breach response data, and the team whose policy language became the market’s reference point. Before this deal, Zurich was not among the top ten global cyber insurers. After it closes, the combined entity will write approximately $15 billion in specialty premiums, anchored by the world’s leading cyber book.
What Allianz Conceded
In May 2026, Allianz Commercial announced it was transferring its entire standalone commercial cyber portfolio to Coalition. Coalition becomes Allianz’s exclusive global partner for cyber insurance across all commercial segments under a minimum ten-year agreement.
Allianz’s own standalone cyber book, while growing since crossing EUR 100 million in premiums around 2019, remained a fraction of its approximately EUR 17 billion commercial portfolio. The decision was not about abandoning a core competency. It was about recognizing that cyber requires a fundamentally different operating model than the one the commercial book was built on.
Under the terms, Coalition takes over pricing, product development, risk mitigation, and claims management. Allianz retains long-term capacity and receives increased equity in Coalition plus a board seat. Oliver Bäte, the CEO of Allianz SE, had already been sitting on Coalition’s board as an independent director since November 2023, evaluating the operation from the inside for two and a half years before the transfer was announced.
The relationship goes back further. Allianz first entered a capacity partnership with Coalition in mid-2022 and co-led Coalition’s $250 million Series F that same summer. What was announced in 2026 was the conclusion of a four-year courtship.
Coalition, founded in 2017, broke out of the MGA crowd by building a technology platform that continuously monitors policyholders’ digital exposure, scanning infrastructure tens of thousands of times per week and feeding real-time threat intelligence into underwriting and pricing. The insurer is not waiting for a claim. It is working to prevent it. Coalition reports that its policyholders experience 64% fewer claims than the industry average. The company now serves over 100,000 policyholders globally and, with the Allianz book, is positioned to become the largest dedicated cyber writer in the world.
Allianz made a structural calculation. Building an active monitoring platform, hiring hybrid cybersecurity-insurance talent, and transforming an established carrier’s operating model from the inside would take years and hundreds of millions in investment with no guarantee of cultural adoption. Handing the book to a specialist that has already solved the problem was faster, structurally cleaner, and preserved the financial upside through equity and capacity economics.
What This Means for Everyone Else
These two deals say something uncomfortable about the rest of the market.
Carriers that have not already built it, bought it, or partnered for it are running out of road.
The MGA landscape reflects this. Cyber MGA funding dropped 44% in 2025. Cyber premiums have declined for the first time. The market has softened 22% from its mid-2022 peak. For new entrants, compressed margins make it harder to invest in the technology and talent that differentiated underwriting requires. Coalition’s CEO has publicly predicted a shakeout among the dozens of cyber MGAs that emerged during the hard market of 2021 and 2022. Scale, differentiated data, and carrier-grade claims capability are becoming table stakes. The survivors will be those that look less like brokers with delegated authority and more like the operating platforms that Zurich and Allianz just bet billions on.
The Uncomfortable Question
If two carriers with balance sheets exceeding a hundred billion dollars each decided they could not build cyber underwriting internally, what does that say about how difficult this problem is?
Cyber is not a line of business that traditional insurance infrastructure was designed for. A vulnerability disclosed on Monday becomes a widespread exploit by Friday. Ransomware surged 126% in the first quarter of 2025. Social engineering attacks powered by deepfakes accounted for 57% of incurred cyber claims in the first half of the same year. The underwriting model has to process threat intelligence in real time, not last year’s loss triangle.
And the next disruption is already visible. Estimates for quantum computing to break mainstream public-key encryption have compressed from 2035 to as early as 2030, and “harvest now, decrypt later” attacks are already underway. If a single quantum breakthrough invalidates the encryption assumptions behind every cyber exposure on the books, the pricing model gets rebuilt from the ground up.
Why I Am Writing This
Most commentary on these deals comes from analysts and journalists.
I have been in the corporate strategy seat at a global carrier. I have run technology strategy at another carrier. I have built and run the operations at a cyber insurance MGA. I now audit the insurance programs that these carriers and MGAs produce for community banks.
Most of the conversation about Zurich-Beazley and Allianz-Coalition is focused on deal price, strategic rationale, and market share. I believe the conversation that matters is about what these moves reveal: underwriting a risk that changes constantly, settles over years, and may be reshaped by technologies that do not yet fully exist is a problem that even the largest carriers in the world have decided they cannot solve alone.
Who stands behind your policy matters at claim time. Two of the world’s largest insurers just admitted they cannot build this capability internally. The question for every policyholder is whether their carrier has a credible answer to the same problem.
