Most people think ransomware is completely responsible for the increased rates and lower coverages being seen in the cybersecurity insurance industry, but BEC scams are also big part, and were causing insurance industry profitability issues even before ransomware became the biggest issue. It's hard for this type of scam to be fixed by technology, but simply making it a policy, and testing and enforcing it, that no one takes and implement payment changes without first verifying by calling a predefined trusted phone number to the people responsible for the legitimate payments, would solve most, if not all, of these sorts of attacks. You simply cannot trust email for payment change instructions.