In conversation with Ilze Pāne-Brodsgarda, General Manager of GrECo Latvia, Paul Johannes Spittau, Head of Group Carrier Relations and Mediation at GrECo International, explores the technology forces reshaping loss patterns in Lativa, and what that means for cyber insurance renewals in 2026.
Emerging Technology Trends and Their Impact
Spittau: What are the key challenges faced by businesses in Latvia, and how are the country’s conditions shaping corporate risks and the insurance industry’s role?
Pāne-Brodsgarda: AI is quickly becoming central to how businesses and public bodies operate. It’s not just an add-on; soon, it’ll be woven into everyday systems and routines.
In the past year, Latvia has seen AI adoption nearly double, as organisations weave this technology into their daily routines. On the plus side, this shift is boosting productivity and driving innovation. But there’s a flip side: as AI becomes more common, so do cyber risks like phishing and deepfake scams, making digital security and independence more important than ever for Latvian businesses and public bodies.
Innovation will carry on, especially in deep tech and digital infrastructure. Real-time decision-making with multi-agent systems and ‘physical AI’ will change industry coordination. Plus, climate tech and sustainable energy will see more investment as decarbonisation and resilience take priority.
Changing losses: fraud, outages and compliance
Spittau: How are digital-transformation pressures, regulation and today’s economic reality changing cyber and technology-related loss patterns in Latvia?
Pāne-Brodsgarda: I expect three shifts. First, more fraud-led and identity-led losses, because AI strengthens social engineering and account compromise. Second, more non-malicious but still severe outage losses, because cloud and software concentration turns supplier failure into a balance-sheet issue, not just a technical inconvenience. Third, more compliance-driven loss amplification: the technical event may be manageable, but reporting, legal, operational and reputational burden becomes much more expensive under NIS2-style obligations, DORA and growing AI-governance pressure.
Spittau: What does that mean for pricing, deductibles, capacity, exclusions and underwriting scrutiny?
Pāne-Brodsgarda: The short answer is the market is softer, but the discipline is harder.
Pricing and capacity are improving for well-prepared buyers. Good risks should benefit in 2026, supported by competition and new market players. Buyers with credible controls and a clear narrative should use this window to improve programme structure, not only to reduce premiums.
Deductibles and terms still separate strong from weak risks. Even in a softer market, insurers are still differentiating sharply based on operational resilience. Where business interruption exposure, ransomware readiness and supplier concentration look weak, clients should not expect the best deductibles or wording. Weak governance is increasingly showing up in terms, not only in premiums.
Underwriting scrutiny is becoming evidence based. Underwriters care less about what policies say on paper and more about how controls work in practice. The era of checkbox underwriting is ending; clients need evidence.
Regulation: the compliance load that’s reshaping cyber programmes
Spittau: Which legislative and regulatory developments are most challenging for companies and why?
Pāne-Brodsgarda: Latvia’s National Cyber Security Law and NIS2 are having the biggest impact locally, as they broaden governance requirements and give authorities more power to inspect and enforce. Many businesses are still working on inventories, accountability and incident reporting, with cyber readiness now a clear management responsibility. For the financial sector, DORA has been in force since January 2025, demanding stronger ICT risk management, resilience testing and closer scrutiny at renewal, moving firms from policy paperwork to real operational evidence. Meanwhile, the EU AI Act is shaking up how companies approach artificial intelligence. The phased timeline means obligations are coming in gradually, but many organisations are finding it much easier to use AI than to demonstrate responsible governance.
From events to action: Lessons from recent disruptions
Spittau: In 2024, Latvia experienced a surge in politically motivated cyberattacks and, globally, the CrowdStrike outage disrupted millions of devices. How did these events affect Latvian businesses?
Pāne-Brodsgarda: The last quarter in 2024 saw record numbers of compromised IP addresses due to a wave of high-volume cyberattacks, mainly linked to pro-Russian actors. The CrowdStrike outage on 19 July 2024 also highlighted that a security-tool update, not just hostile attacks, can disrupt critical services worldwide. The main lessons for Latvian businesses were the importance of asset visibility, disciplined change control, robust fallback procedures and rapid recovery. Weaknesses included over-concentration and assumptions that security tools automatically mean resilience.
Spittau: What three actions should companies take now?
Pāne-Brodsgarda: Firstly, businesses should map critical third-party dependencies and define fallback operations. Many losses now start outside the company perimeter. Done well, this strengthens business continuity, improves underwriting and reduces surprises when a supplier fails.
Secondly, they should change control and recovery discipline for security tooling itself. The CrowdStrike event showed that resilience must include the tools meant to protect you. Rollback, testing discipline and recovery sequencing become operational questions, not just IT questions.
And thirdly,businesses should buy and structure cyber cover for outage reality, not just data-breach headlines. If an organisation is operationally dependent on cloud, SaaS or external ICT partners, the insurance programme must reflect that through the right focus on system failure and contingent business interruption scenarios.
How to win better terms
Spittau: What shifts do you foresee in cyber and technology insurance renewals in Latvia for 2026?
Pāne-Brodsgarda: Good risks should have more leverage in negotiations, especially as the European cyber market is currently favouring buyers with lower costs and greater capacity. However, underwriters are now looking for solid proof around incident response, EDR, MFA, monitoring, third-party exposure and AI practices, so being well prepared matters as much as timing. There’s also a stronger shift towards assessing operational resilience, think supplier dependency, business interruption, cloud reliance and AI use. Those who approach renewal as a resilience strategy rather than just a procurement task will come out on top.
Spittau: What three essential steps should companies take now to secure stronger renewal outcomes?
Pāne-Brodsgarda: Build an evidence pack before the insurer asks for it. Include MFA scope, EDR deployment, backup design, incident-response ownership, tabletop testing and third-party dependency mapping, because evidence now directly influences underwriting quality.
Quantify the real business-interruption story. Explain which systems generate revenue, which vendors are critical, and how long manual workarounds are viable. Insurers are increasingly prepared to support strong risks when operational exposure is clearly articulated.
Align legal, IT, operations and insurance before renewal. Cyber now sits at the intersection of regulation, operations and finance. The best renewals are won internally before they are won in the market.
Paul Johannes Spittau
Head of Group Carrier Relations & Insurance Mediation
T +43 664 537 17 42
Ilze Pāne – Brodsgarda
General Manager
GrECo Latvia
T +371 29444664
