New Marsh survey shows sharp rise in cybersecurity investment
Marsh’s latest global survey shows a clear shift in how organizations are approaching cyber risk. Nearly two-thirds of companies expect to increase cybersecurity spending next year, and more than a quarter plan increases of 25% or more. For an exposure that has moved rapidly from technical inconvenience to operational threat, the spending trend signals a broader recalibration: businesses are budgeting for cyber the same way they budget for continuity, compliance, and core infrastructure.
For the PEO industry, which manages interconnected HR, payroll, and employee data systems, this shift has direct implications.
Investment priorities show a move toward stronger preparedness, where organizations are choosing to spend it is as important as how much they plan to spend.
Marsh reports that:
· 70% plan to increase investment in cybersecurity technology and mitigation
· 68% plan to strengthen incident planning and preparation
· Many will expand budgets for cybersecurity personnel and employee training
· 65% expect to increase investment in cyber insurance
This marks a pivot from reactive spending (after breaches occur) toward structured, preventive investment. Companies are aiming to build resilience, improve response capability, and better quantify financial exposure.
For PEOs and their client companies, this trend aligns with what the industry has been experiencing: cyber events are no longer isolated to IT teams, they directly disrupt payroll, onboarding, benefits, and regulatory reporting. Strengthening readiness is no longer optional.
Third-party and supply-chain cyber incidents are rising, a critical signal for PEO models
One of the most significant findings in the Marsh report is that 70% of organizations experienced at least one material third-party cyber incident in the past year.
This is especially relevant to the PEO ecosystem, where:
· Payroll systems integrate with banking partners
· HR platforms connect to benefits administrators and carriers
· Compliance systems interface with multiple state and federal agencies
· Client companies run their own environments that feed data into PEO systems
The Marsh data reinforces a reality the PEO industry already understands:
Most cyber risk is shared, not isolated.
And when dependencies increase, exposure multiplies.
Why this matters now and how PEOs can strengthen client protection?
Cyber risk is scaling faster than traditional control structures, and organizations are responding with higher budgets, stronger preparation, and more rigorous financial protection. For PEOs and their clients, the message is clear: cybersecurity is no longer an IT function,it is a shared operational priority.
But for small and mid-sized employers- the core of most PEO portfolios, access to meaningful cyber protection remains uneven. Many lack the resources, scale, or expertise to purchase standalone policies, even as exposure increases.
That gap is exactly what the Client Company Cyber Liability Program was built to solve.
A proven, scalable way for PEOs to protect their book
The program is designed for easy adoption, with no individual underwriting and enrollment models that blend seamlessly into PEO administration, including:
Embedding the program across the portfolio as part of the monthly admin fee
Embedding with EPLI as an enhancement
Opt-out onboarding for existing and new clients
Auto-enroll options with opt-out only upon proof of comparable coverage
The bottom line
Cyber risk is accelerating, cyber budgets are rising, and the operational stakes are getting higher. The Marsh survey makes one thing clear: preparedness is no longer optional.
For PEOs, this is the moment to ensure your client companies have the protection they need, and the Client Company Cyber Liability Program provides a streamlined, cost-effective way to do it.
To learn more or activate enrollment options, contact sreynolds@libertateins.com.