Sutcliffe & Co has become one of only 17 insurance brokers in the UK to receive the new Accredited Cyber Insurance Broker (ACIB) status from the British Insurance Brokers' Association (BIBA), as the trade body moves to close a deepening protection gap affecting UK businesses.
The accreditation and the accompanying BIBA Cyber Insurance Broker Directory launched at the BIBA Conference in Manchester on May 13.
The directory was developed in collaboration with the Department of Science, Innovation and Technology (DSIT) to enable businesses to find specialist support in managing, mitigating and transferring their cyber risks. To secure a listing, brokers must operate their own cyber security framework that meets or exceeds the DSIT's Cyber Essentials standard, hold standalone cyber insurance for their own business, and employ specialist cyber staff who undertake ongoing training.
And yet, take-up of dedicated cover remains alarmingly low. DSIT data showed that just 10% of UK businesses and 5% charities hold a dedicated cyber insurance policy. Research from GlobalData suggests that just over 40% of UK SMEs currently hold cyber insurance, compared with around 70% of FTSE 100 companies, leaving smaller firms with the least protection.
The financial consequences are increasingly visible. ABI data shows that nearly £200 million was paid out in UK cyber insurance claims last year. Independent research published alongside the Cyber Security and Resilience Bill put the broader economic cost in starker terms - the average cost of a significant cyberattack now exceeds £190,000, amounting to around £14.7 billion a year across the economy, or equivalent to 0.5% of UK GDP.
The ACIB launch arrives amid significant legislative change.
The Cyber Security and Resilience Bill was introduced to Parliament on Nov. 12, 2025, aiming to modernise the UK's cyber regulatory regime, widen the scope of regulated entities and strengthen resilience across critical sectors. For insurance policyholders, the Bill is expected to prompt greater focus on demonstrable compliance with enhanced risk management and governance standards, with a continuing emphasis on disclosure at placement and incident reporting with cyber policies.
Lloyd's has warned that rapid cyber expansion may be outstripping the market's capacity to absorb risk, even as premium rates softened through 2025. The UK cyber insurance market is nonetheless forecast to grow from $1.77 billion in 2026 to $3.28 billion by 2031, at a CAGR of 13.18%, though that trajectory depends significantly on closing the SME protection gap.
On the policy front, BIBA's 2026 Manifesto called on the government to consider an Insurance Premium Tax carveout for cyber policies aimed at SMEs, arguing that the current 12% standard IPT rate acts as a meaningful disincentive to take-up among cost-pressured smaller businesses.
For Sutcliffe & Co, achieving ACIB status follows a decade of specialist focus on cyber risk. The Worcestershire-based broker was assessed and approved by BIBA for demonstrating technical experience across incident response, threat monitoring and IT recovery support.
Duncan Sutcliffe (pictured), managing director at Sutcliffe & Co, said the accreditation aligned the firm with broader national resilience objectives.
"This new accreditation demonstrates our commitment to national cyber resilience goals, as it is a government-aligned standard developed in partnership with the UK Department for Science, Innovation and Technology," he said. "Cyber security and cyber insurance have been a key focus for us over the last 10 years. As technology has become more advanced, cyber crime has intensified. We're tackling this threat head-on, and becoming ACIB accredited through BIBA solidifies the targeted efforts of our team."
