​

​

Reading time: 5 minutes

The Friday Five

Every Friday we distill 200+ insurance, legal, and cyber-risk articles into three signals your board can act on next Monday morning.

Three developments this week:

• Q2 pricing shows continued softening: D&O down 2.5% YOY, cyber down 1.5%, while umbrella climbs 11.5% - CIAB
• CEO deepfake scams exceeded $200M in Q1 alone, with 105,000 attacks targeting executives last year
• Why LION is implementing EOS: Building operational excellence to serve our clients better in the global insurance market

Q2 Pricing Softens in All P&C Lines But Casualty

Summary

The Council of Insurance Agents & Brokers' Q2 2025 report confirms what financial institutions are seeing in renewals: meaningful softening in professional lines.

Overall premiums increased 3.7% YOY, down from 4.2% Y in Q1. But the aggregate masks important divergence. D&O premiums decreased 2.5% for the sixth consecutive quarter, while cyber fell 1.5%. Employment practices liability dropped 1.8%. Meanwhile, umbrella surged 11.5% - the highest of any line - driven by nuclear verdicts that topped $1 billion five times in 2024.

Large accounts saw the most relief with premium increases moderating to 2.9%, down from 5.3% in Q1.

(source: CIAB Q2 2025 Market Report)

So what?

For financial institutions, this creates a clear renewal strategy.

D&O has been softening for 18 months straight. Carriers report excess capacity and improved loss experience after the 2020-2021 hard market. AM Best notes that "insurers providing U.S. directors and officers liability coverage had their most favorable loss experience in more than a decade in 2024." This is your window to push for manuscript improvements - broader definition of claim, removal of restrictive exclusions, enhanced Side A terms.

Cyber's decline reflects market maturity after years of capacity building. But don't just take the rate reduction. Use this leverage to address sublimits, waiting periods, and exclusions that emerged during the hard market.

The umbrella challenge requires different tactics.

Those nuclear verdicts we keep discussing? Five topped $1 billion in 2024 alone. Marathon Strategies counted 135 verdicts exceeding $10 million - a 52% increase over 2023. Some carriers are pulling capacity, which could force you to build more layers with more carriers at higher attachment points.

Every Executive Is Now a Target for Deep Fakes

Summary

Cybercriminals executed 105,000 deepfake attacks impersonating executives last year. One every five minutes.

The damage is staggering: over $200 million in Q1 2025 alone, per cybersecurity firm Optiv. The pattern is consistent: an urgent call from the "CEO" about a confidential acquisition, followed by a video meeting with AI-generated executives giving wire instructions. UK engineering firm Arup lost $25 million after a video call with multiple fake executives.

Here's what changed: the cost to create a convincing CEO deepfake dropped below $100. Your earnings calls, conference keynotes, and media interviews now train the AI models used against you.

(source: Wall Street Journal)

The LION Lens

What happened - OpenAI CEO Sam Altman warned of an upcoming "fraud crisis" as AI makes impersonation trivially easy (source).

Why it matters - Traditional controls fail when the "executive" looks and sounds perfect on video, exploiting the trust that makes business work.

Practical implications - Finance teams need callback protocols that bypass the executive being impersonated, internal verification channels, and explicit deepfake coverage in crime policies.

So what?

This is happening now at an industrial scale.

Your public profile is now an attack vector. Every investor call provides training data. The transparency markets demand creates the vulnerability criminals exploit. When your CFO gets a video call from "you" requesting an urgent wire, they genuinely believe it's you.

Traditional security training won't work when the deepfake is perfect. You need structural defenses: callback protocols through different executives, code words, dedicated verification channels. Most importantly, check your crime and cyber policies - many exclude AI-related fraud entirely.

The LION POV

Here's how we're advising clients:

• Create "circuit breakers" - if the CEO requests a wire, verify through the CFO or General Counsel, never back through the requesting executive
• Establish secured verification channels (dedicated phone lines, specific Slack channels) that must be used for any urgent financial requests
• Review crime and cyber coverage for explicit deepfake protection - many policies exclude or limit AI-related fraud

The deepfake crisis will accelerate until verification technology catches up. Position accordingly.

Why We're Implementing EOS at LION Specialty

Summary

We're implementing the Entrepreneurial Operating System (EOS) at LION Specialty. Yes, the framework from the famous book "Traction." And before you roll your eyes at another business book implementation, hear us out.

After 25 years in specialty insurance, we've learned that complexity compounds. Every client adds requirements. Every market shift demands new expertise. Every renewal becomes more intricate. Without systematic excellence, specialty firms either stay small or implode. We chose a third path: building operational infrastructure that scales.

EOS brings six components into alignment: Vision, People, Data, Issues, Process, and Traction. It's not revolutionary. It's disciplined execution of fundamentals - which is exactly what institutional insurance requires.

So what?

In divergent markets with varying renewal dynamics, you need partners who execute flawlessly.

EOS gives us the framework to deliver consistent excellence regardless of market chaos. Clear accountability means your renewal strategies get executed properly. Documented processes ensure nothing falls through cracks when markets shift suddenly. Data-driven decisions replace gut feelings when evaluating carrier partnerships or coverage structures.

Most importantly, it means we can handle complexity without dropping balls. When you're managing nine-figure programs across multiple lines with divergent market dynamics, operational excellence isn't optional.

We're sharing this because transparency matters. You trust us with massive exposures. You deserve to know we're building the infrastructure to handle that responsibility.

The Bottom Line

The Q2 data confirms what we're seeing live: professional lines softening, casualty hardening, and new risks emerging faster than coverage evolves. Add $200 million in deepfake losses and you have a market that rewards preparation over reaction.

Smart institutions are moving now - restructuring D&O during the soft cycle, shoring up umbrella before further hardening, and implementing deepfake defenses before becoming a statistic.

That's why we created the D&O Contract Vigilance Blueprint. It's a 5-day email course to help you:

• Secure better D&O insurance: Learn how to maximize coverage during this softening window
• Protect your personal assets: Understand deepfake and nuclear verdict exposure

​>>>Get the D&O Contract Vigilance Blueprint​

Don't wait until a claim hits to find out your institution is under-protected.

Thank you for reading today's edition!

Want to share this edition via text, email or social media? Simply copy-and-paste the link below:

​https://lionspecialty.kit.com/posts/the-wsj-s-first-readable-article-in-ages​

And if this briefing was forwarded to you, subscribe directly here.

Stay Covered,

Natasha & Mark​
Co-Founders and Managing Partners
LION Specialty

​
​

P.S. For those curious about EOS and "Traction" - here's the book that's shaping how we serve you:

​
​
​
​
​
​