"Moral hazard" is the term insurance wonks use to discuss the misplaced incentives that insurance can create. It's not a new problem; it has been a part of insurance underwriting since the days of sail. Just as car insurance might encourage bad driving, or fire insurance might encourage people not to install smoke detectors, cyber insurance might encourage incompetent security practices. Why bother doing the right thing if insurance is going to pay you to do the wrong thing?
The time-tested strategy by insurance carriers to limit moral hazard is to use insurance deductibles and co-pays, and to cap maximum payouts. That way the insured shares in the financial risk and is motivated to drive safely, to install smoke detectors, and to deploy strong cybersecurity controls in their enterprise.