As part of our expanded coverage of our 2026 Technology Power Broker® winners and finalists, Risk & Insurance® recently spoke with James Standish, vice president and national practice leader for technology and life sciences for Travelers’. What follows is a transcript of that discussion, edited for length and clarity.

Risk & Insurance: James, thank you for coming back to chat with us about the technology industry. Last year you spoke about understanding the way tech companies make decisions and how coverage interplay can create advantages for brokers and clients. This year, we’re seeing major shifts across the tech ecosystem. How would you characterize the broader environment technology firms are operating in today?

James Standish: Happy to be back. To answer your question, it’s a dynamic environment. Companies are innovating at an incredible pace, but they’re doing so against a backdrop of increasing complexity. That includes the growing use of artificial intelligence across products and operations, rapid changes in customer expectations, heightened cyber threats and broader geopolitical pressures that can affect supply chains.

Our 2025 Travelers Special Report, developed in partnership with PitchBook, looked closely at mergers and acquisitions (M&A) within the tech industry. What stood out is that M&A and private equity activity have become part of how many technology companies are responding to this environment — using transactions to accelerate innovation, expand capabilities and adapt to competitive pressure, while also navigating meaningful operational change.

R&I: What regulatory trends are having the biggest impact on technology companies right now?

JS: Regulatory activity is accelerating on several fronts, and artificial intelligence (AI) is clearly one of the most influential drivers right now. Alongside ongoing focus areas such as data privacy and cybersecurity, regulators are paying closer attention to how AI is developed, governed and used within technology companies. Industry standards are still evolving, and in many cases, requirements are taking shape in real time, which creates uncertainty around enforcement and compliance expectations.

What makes AI particularly impactful is that it cuts across so many parts of an organization. Companies are using it to build products, automate processes and support decision-making, which raises questions around accountability, transparency and oversight. New laws, such as the California AI Transparency Act and the EU AI Act, reflect this shift by emphasizing the need to understand how AI systems operate, document their intended use and maintain appropriate human oversight — especially when those systems influence outcomes for customers or end users.

At the same time AI capabilities are expanding, cybersecurity expectations continue to rise. Recently, the Cybersecurity and Infrastructure Security Agency (CISA) released an updated version of its Cross-Sector Cybersecurity Performance Goals, which align with the National Institute of Standards and Technology (NIST) Cybersecurity Framework, a widely used structure for managing cyber risk from prevention through recovery. These goals outline a set of prioritized practices organizations can use to strengthen governance, manage vulnerabilities and improve resilience against common threats.

As technology companies scale — whether organically or through M&A — regulatory complexity tends to grow. Firms serving regulated sectors like finance or government may face additional scrutiny, and inherited processes don’t always align cleanly. In an environment where AI, cyber and privacy expectations are evolving together, strong documentation, clear governance and proactive risk management are becoming essential to staying ahead of regulatory pressure.

R&I: Let’s dig into cybersecurity further. Threats have continued to evolve, especially with more interconnected systems and distributed workforces. What should brokers be thinking about when advising tech clients?

JS: Cyber risk continues to escalate — not just in frequency, but in sophistication. Threat actors look to exploit integration points, third-party tools or gaps that emerge during periods of change, such as M&A or rapid scaling.

It’s important to recognize that cybersecurity has become an enterprise risk issue. It touches operations, reputation, contractual obligations — even talent retention if systems fail or customer trust erodes. Brokers who want to differentiate themselves in this space can help by translating complex security concepts into clear, practical steps organizations can act on.

According to the 2025 Travelers Risk Index technology companies reported their top cyber concerns to be:

1. Global or political instability leading to a cyber event;
2. Unauthorized access to financial accounts; and
3. A security breach or hackers.

This survey also found that 92% of tech companies surveyed said they believe having cybersecurity controls in place is critical, yet as high as 42% do not use endpoint detection and response tools, and 28% don’t use multifactor authentication for remote access. A consultative partner can help these firms evaluate potential shortfalls in their cyber preparedness, response and protection programs.

When looking at the full coverage picture, it’s also important to think about business interruption and system dependency. Cyber events today – whether due to a large-scale security breach or system glitch – can shut down far more than just a network.

R&I: Tell me more about the highlights from the Travelers M&A report and why brokers should be paying attention to this topic.

JS: There are several findings from the report that are particularly worthy of brokers’ attention. First, even with some softening, tech M&A remained a major force last year — more than 3,300 transactions drove over $450 billion in deal value. That tells us companies are using M&A — whether strategic or private equity-backed — as a core growth strategy to accelerate innovation, expand their customer base or strengthen their competitive position.

The second highlight is the impact these deals have inside organizations. Many companies reported significant changes after a merger — new tools, new leadership structures and shifts in roles or responsibilities. Those transitions can introduce new exposures or potential coverage gaps if they’re not carefully managed. The good news is that 94% of the tech companies we surveyed said their risk management practices became stronger post-transaction.

M&A is actively shaping the tech industry and creating new disruption for carriers and brokers as well. We found that 38% of survey respondents who went through a merger or acquisition in the last five years changed their carrier or broker. This market disruption could create new business or retention opportunities for the brokers well-equipped to consult these companies. For brokers with a client or prospect going through M&A activity, they need to get involved early in the process and ask questions to better understand the nuances of the transaction that could influence insurance decisions. Will the merging companies have a different footprint with buildings in new locations? Is there a new international operation or supplier dependency? What impact will the deal have on the current vs. future workforce? Taking the time for this proactive consultation will benefit the customer and the agent — hopefully supporting a strong, enduring relationship with the growing company.

R&I: Supply chain risk has also become more visible in recent years. How is that showing up for tech companies, and what does it mean for brokers?

JS: Supply chain complexity and resiliency is very top-of-mind right now. Many tech firms rely on components, cloud services or outsourced development from around the world, and any disruption — whether due to shortages, geopolitical issues or vendor instability — can have a cascading effect on production and delivery.

Software companies see this as well. Their supply chain includes code libraries, API dependencies or third-party platforms that may expose them to vulnerabilities outside their direct control.

For brokers, the takeaway is to look beyond the company’s four walls. If you step back and examine all the moving parts in a company’s supply chain, you can begin to see where bottlenecks or vulnerabilities might appear. Add an acquisition into the mix, and suddenly there are even more touchpoints to keep an eye on.

R&I: Let’s return to M&A for a moment. You mentioned the Travelers Special Report shows that many companies use transactions to accelerate innovation and broaden capabilities. What risk considerations should be top of mind as these deals come together?

JS: Great question. M&A can magnify existing vulnerabilities during integration. If two companies have different cybersecurity protocols, that may create gaps. If they use different engineering or quality standards, it can introduce operational inconsistency. And if teams aren’t aligned culturally, communication around incidents or compliance can suffer.

What stood out in our research is that companies generally emerge stronger — but only after investing time in aligning tools, processes, governance and risk management. Brokers can support clients by helping them anticipate those areas early, rather than reacting after challenges arise.

R&I: With many tech companies scaling rapidly, sometimes globally, how should brokers think about global or multi-region exposures in a way that’s practical and actionable?

JS: Global exposures can be subtle. A company might manufacture in one region, host data in another and sell into several countries. Each of those touchpoints may come with its own legal obligations, operational risks and potential insurance needs.

It’s also important to recognize that international exposure doesn’t always come from a physical office abroad. Short-term activities — like business travel, temporary project teams or working with overseas vendors — can create obligations under another country’s laws or regulations, even when a company’s presence there is limited.

For brokers, a good starting point is asking thoughtful questions to understand where a company’s operations, people and partners are located. Even modest expansion can introduce new regulatory expectations or administrative requirements that influence how a business grows. Helping organizations navigate those differences between countries can be especially valuable, as many companies have meaningful global exposures long before they would consider themselves global.

R&I: When you put all these forces together — cybersecurity evolution, supply chain stressors, regulatory shifts, talent challenges, M&A — what does that mean for the broker’s role?

JS: It means brokers are becoming strategic risk advisers, not just coverage specialists. Technology companies are dealing with interconnected risks that don’t fit neatly into traditional insurance categories. Brokers who can help clients see the bigger picture — and navigate it effectively — will stand out.

The key is curiosity. Brokers who ask deeper questions, who probe into how their clients build products, manage data or rely on vendors are the ones who identify issues early. Those insights can influence risk mitigation, coverage structure and the client’s broader operational planning.

R&I: Given the speed at which the tech industry moves, what steps can brokers take to stay current and thrive in this space?

JS: Success in this space starts with understanding how technology companies operate. Brokers who take the time to learn how a business develops its products, manages data or relies on partners are in a much better position to anticipate where risks might shift as the company evolves. Bringing a forward-looking approach goes a long way — and it often sets the stage for the kind of strategic problem-solving that tech companies value.

It’s also important to think holistically. Technology exposures often overlap — cyber, operational, contractual, regulatory — and brokers who can connect those dots are better equipped to offer clear, actionable guidance. Being able to simplify complex issues in a way that helps companies make confident decisions is an essential part of the broker’s role, especially during periods of change.

Finally, staying close to broader industry trends helps brokers remain ahead of the curve. Whether it’s a change in regulation, a new security expectation or evolving drivers of M&A activity, the brokers who thrive are the ones who stay engaged and are comfortable thinking creatively about how risk solutions may need to adapt. &