Welcome to this week's recap. The news and insights mid-market producers actually need, without the snoozefest.

Today: 4 briefs. 1 deep dive. 1 podcast. 0 boring.

Let’s roll!

Here's a number to remember: $10 billion. That's what S&P Global says the data center insurance market could hit in premiums this year.

That’s double the entire global aviation market.

The AI boom is building campuses so massive that a single location can carry $30 billion in insurable value. In 2023, insuring a $20B campus was nearly impossible. In 2026, it's a weekly conversation. No single carrier can handle it alone. Think consortiums, layered towers, and facilities placements becoming the new normal.

The market is wide open. And so hot right now.

Your clients are probably doing something dangerous, and you might wanna warn them.

A federal judge in New York recently ruled that a CEO's private chats with Claude AI weren't protected by attorney-client privilege. Prosecutors got all 31 documents.

Why? Because ChatGPT and Claude are third parties, not lawyers, and their privacy policies basically say “we can share your data”.

Translation: every client who's ever vented to an AI about a lawsuit, a claim dispute, or a messy employment situation may have handed the other side a gift.

That's your phone call. Business owners are always managing active disputes, HR headaches, or coverage questions and they need to hear this from you before they hear it from their attorney, or worse, a prosecutor.

Go forth, and save the day.

A warehouse worker in Ontario, CA allegedly set a 1.2-million-square-foot Kimberly-Clark distribution center on fire in the early morning hours of April 7, filmed it, posted it to Facebook, and said "should have paid us more."

Twenty coworkers were inside. Thankfully, nobody died. The building and contents? Total loss. Estimated damage over $600 million.

That’s a crap-load of toilet paper.

Friendly reminder: most commercial property policies have serious gaps when the fire is intentional, especially when the torch-holder is on the payroll.

Enter crime and fidelity coverage. Do your clients have it and understand it? Or were they at least presented it?

Worth double-checking.

An insurtech you've never heard of, Corgi, is suing another insurtech you've never heard of, Vouch, for corporate espionage. And the scoop is juicy.

According to the lawsuit filed April 14, Vouch's own Chief Legal Officer allegedly created a shell LLC (no website, no revenue, no clients, no EIN) and used it to apply for a policy through Corgi's platform on the exact same day the LLC was formed. The application was detailed enough to trigger a full policy issuance, conveniently unlocking Corgi's proprietary underwriting logic, pricing architecture, and custom policy forms. Days later: cancellation requested.

Ma’am. Seriously? You didn’t think they’d notice?

This isn't even the first insurtech-steals-from-insurtech lawsuit in six months. Applied Systems vs. Comulate, now this. The insurtech space is out here reinventing insurance and apparently also reinventing corporate drama.

We’re here for it.

We’ve partnered with Element 22 Insurance Services to be Max Revenue’s preferred wholesale broker. Here's the skinny on them:

☑️ Niche specialists across Habitational, Hospitality, & Contractors- real expertise, not generalists

☑️ Exclusive in-house binding authority on Wind Deductible Buy-Backs- Lloyd's of London, up to $7.5M limit, higher producer commissions, AOP & Flood buy-downs also available

☑️ Boutique feel, national muscle- you get a real person, not a portal and a prayer

If you've got accounts that need a creative solution for Hab, Hospitality, or Contractors, give them a shot. They’re legit.

You can send your submissions straight to [email protected] Or call Brian at (843) 296-3376 and tell him Max Revenue sent you.

Let's start with $5 million.

That's the average cost of a ransomware incident in 2026, according to IBM. In the US, it's over $10 million. And before your clients say "we'd just pay the ransom and move on," the actual ransom is only about 15% of that total bill. The rest is downtime (averaging 24 days) forensic investigation, legal fees, regulatory fines, and a reputational hangover that can last years.

Oh, and 83% of companies that paid were attacked again. So there's that.

Meanwhile, CrowdStrike found that 78% of companies were hit by ransomware in the past year despite most of them believing they were prepared. Not 78% of big companies. Not 78% of tech companies. 78% of all companies. Full stop.

Here's where it gets even spicier. A fresh consumer survey found that 84% of people feel secure using their internet-connected devices, but only 29% are actually following recommended cybersecurity practices. And the proportion of consumers with zero identity protection tools rose to 22% in 2026, up from 18% the year before.

That gap between confidence and reality? That's your client sitting across the table from you telling you their IT guy "has it handled." And we both know he doesn’t.

And then there's AI. CrowdStrike reported that AI-enabled attacks surged 89% year-over-year. The same tools your clients use to write proposals and summarize emails are now on the menu. Adversaries are using malicious prompts to steal credentials and deploying highly convincing deepfake social engineering to trick employees into authorizing fraudulent payments.

#1. The ransom is the cheap part Are you still anchoring coverage limits to "what would a ransom demand look like?" That's the wrong question.

The ransom itself represents roughly 15% of the total cost of an attack. The largest costs come from operational downtime, system recovery, legal fees, and regulatory fines. For every $1 in ransom, your client needs to be prepared for $6 in additional recovery costs. If their limits are built around the ransom, they're underinsured. The conversation needs to shift from "what will they demand?" to "what would 24 days offline actually cost this business?"

#2. Confidence is not a security strategy 73% of consumers are already concerned about malicious AI use, yet the gap between perceived and actual preparedness has never been wider.

This isn't just a consumer problem; it mirrors exactly what you’re seeing in mid-market commercial accounts. Business owners who feel safe are the ones who skip MFA setup, reuse passwords, and let employees use personal devices on the company network. Feeling secure and being secure are two very different things, and claims live in the gap between them. Your job is to close that gap.

#3. Cyber coverage from 2023 is dangerously inadequate in 2026 The attack surface your clients had three years ago looks nothing like the one they have today. Every new AI tool they've adopted is a potential entry point for adversaries to establish persistence or intercept sensitive data.

It’s not just about the aggregate limit anymore; it’s about the sub-limits for forensics, social engineering, and business interruption. If those haven't been touched since 2023, they’re basically decorative. That's a renewal conversation worth having now, not after the claim.

In this episode, Trey sits down with Scott Moak — Top EB Producer and Sales Leader at Ross & Yerger — to talk about what it actually takes to build a team of elite producers.

Today's email was written by Trey Shields

Edited by Mal Ware and Dee Cryption

Was this email forwarded to you? Sign up here