Overview
AM Best is holding a Stable outlook on the global cyber insurance sector heading into 2026, citing strong demand, sustained profitability, and advances in underwriting efficiency. Ongoing improvements in policyholders’ cyber hygiene continue to reduce exposure to major loss events, contributing to more stable underwriting results. Beinsure has analyzed market data and highlighted the key points.
Despite a softening market since 2023, appetite for cyber insurance coverage remains high and is expected to persist across industries. Competitive pressure has increased, but insurers are likely to maintain profitability over the medium term.
Capital inflows from traditional reinsurers, along with modest participation from alternative sources, have supported continued growth. The market also benefits from improved risk assessment and underwriting precision, driven by the use of AI technologies, Beinsure noted.
Key highligths
- Global cyber insurance premiums rose 7% in 2025 to $15.3 bn, with projections showing average annual growth above 10% through 2030. Despite recent pricing pressure, demand remains high—especially among underserved small and mid-sized enterprises (SMEs).
- Even as rates declined due to increased competition, insurers maintained profitability through better underwriting discipline, enhanced cyber hygiene among policyholders, and greater use of real-time risk monitoring tools.
- AI and large language models are reshaping the underwriting process, replacing static questionnaires with continuous, API-driven data collection. This enables dynamic pricing and more precise risk segmentation based on live network data.
- New and evolving data protection rules—such as the EU Cybersecurity Act and U.S. CISA standards—are prompting more businesses to purchase cyber insurance, especially in finance, healthcare, and other heavily regulated sectors.
- Reinsurers and ILS providers are fueling growth, with over $750 mn in cyber catastrophe bonds issued in 2024 alone. This influx of capital has increased available limits and improved terms for buyers, supporting long-term market scalability.
Additionally, regulatory mandates and compliance obligations have played a role in accelerating cyber insurance adoption among businesses of all sizes.
The combination of sustained demand, operational improvements, and regulatory momentum positions the segment for continued resilience in 2026.
Demand for Cyber Insurance Remains Strong
Despite softening market conditions globally since 2023, the global cyber insurance market is anticipated to maintain strong and steady growth in the years ahead.
According to Munich Re, global cyber insurance premiums grew by 7% in 2025 to $15.3 bn and are projected to grow at an average annual growth rate of more than 10% through 2030, leading to a doubling in market size relative to its current scale.
This is despite a modest decline in US cyber insurance direct written premiums in 2024. A significant area of potential growth in the US will stem from cyber insurers addressing the protection gap, especially among small and medium-sized enterprises (SMEs), as many smaller businesses currently lack the proper safeguards or adequate coverage to protect themselves, Beinsure noted.
This presents a major opportunity for market expansion as awareness and adoption of cyber insurance continue to rise within the SME segment.
Between 2017 and 2022, the cyber market expanded at an impressive 32% annual rate. Global premiums doubled from 2017 to 2020 and then doubled again from 2020 to 2022, with projections initially anticipating this robust growth to continue.
Despite this, forecasts still suggest 20% annual growth, often presented as a near certainty. While this sounds promising, the question remains: is it realistic? Swiss Re’s data sheds light on the shifting market forces.
Insurers now use advanced technological tools to assess risks and offer cybersecurity services, providing a comprehensive approach to cyber risk management.
Cyber insurance market hit a tipping point
In 2022-2024 the cyber insurance market hit a tipping point. Strong rates and improved profitability prospects of cyber portfolios increased the appetite of incumbent market participants and attracted a series of new entrants into the cyber insurance market, accoding to Cybersecurity Spending Trends.
Increased competition – initially on excess layers and later primary business as well – reversed the rate and exposure cycle in 2023. And rate reductions counter-balanced a lot of the organic growth.
The pronounced upwards cycle until 2022, followed shortly by a downwards trend has been observed globally, however, with some regional nuances. Higher rate increases were observed in North America compared to the European cyber market.
While the SME segment saw more modest changes, rate increases were most pronounced for large corporates.
US remains the world’s leading cyber insurance market
While the US remains the world’s leading cyber insurance market, with the NAIC reporting it accounts for up to 59% of global premiums, AM Best expects international markets to steadily gain a larger share of the global premiums in the coming years.
Given that European and Asian cyber insurance are still developing relative to the US, it is reasonable to expect that these regions will experience greater market penetration in the future.
Currently, the market is a notably buyer-friendly one, as elevated competition among carriers has resulted in negative rate changes since 2023.
Cyber Insurance Rates Continue to Fall as Market Matures
Despite the recent declines in rate, cyber insurers are continuing to deploy the necessary capital to meet the demand for cyber insurance both currently and in the future.
Fundamentally, the market’s expansion is underpinned by increasing awareness of cyber risk and the need for risk transfer solutions to protect against the growing threat of cyber crime.
Heightened awareness of cyber threats has motivated insureds to strengthen their cyber hygiene, leading to more robust defenses and swifter incident responses, which in turn has helped to reduce potential losses, Beinsure noted.
Cyber insurers remain actively engaged with clients to support risk management efforts, transforming the insurance process into a digital partnership that is mutually beneficial for both parties.
AI Adoption Reshapes Cyber Underwriting Practices
Insurers are increasingly using large language models and AI to improve cyber risk evaluation. These tools analyze extensive datasets to assess applicants’ security practices and exposure levels more accurately.
As a result, underwriting is shifting from manual, questionnaire-driven processes toward API-based, real-time monitoring.
Advanced models now process live data from policyholders’ networks, allowing insurers to continuously evaluate risk and adjust premiums based on changes in a company’s security posture. This shift enables more precise risk selection and pricing while improving operational efficiency.
Compliance Pressure Driving Cyber Insurance Uptake
Regulatory frameworks continue to drive cyber insurance adoption, particularly in highly regulated industries like finance and healthcare.
Organizations face mounting pressure to comply with data protection laws, and cyber insurance is becoming a core element of risk management strategies.
Revised and expanded legislation—such as the EU’s Cybersecurity Act—is expected to boost market awareness and adoption further.
In the U.S., standards set by the Cybersecurity and Infrastructure Security Agency (CISA) indirectly shape insurer expectations. Companies seeking coverage are often required to align with established cybersecurity frameworks to qualify.
According to Global Cyber Risk Report, third-party risk continued as a frontline issue across the year, as businesses found it increasingly challenging to protect their supply chains.
And importantly, we observed occasional misunderstandings about what cyber insurance covers – and doesn’t cover – which reflects the need for more education across the industry.
Global competition in the cyber insurance sector increased, and pricing for US-based risks declined for the tenth consecutive quarter.
Ransomware Surges as Leading Cyber Threat
Ransomware activity remains a top concern. While business email compromise (BEC) and funds transfer fraud (FTF) account for the largest share of insured losses, ransomware continues to grow in both frequency and impact.
After a record-breaking 2023, global ransomware incidents rose 11% in 2025, reaching 5,414 reported attacks, according to Cyberint. The U.S. accounted for nearly half of all cases.
In response, more organizations are implementing Zero Trust architectures, which assume no implicit trust for users or devices and require continuous verification.
Although cyber insurance adoption has grown, significant coverage gaps remain – particularly among small and mid-sized enterprises.
Reinsurance and ILS Providing the Capacity to Fuel Growth
As mentioned, capacity in the cyber insurance market is increasing, with more carriers and reinsurers entering the segment and existing players raising their limits due to competitive forces. This has led to higher available limits and more flexible and favorable terms for buyers, Beinsure noted.
Reinsurers are pivotal in supporting primary insurers’ ability to offer broader and more complex coverages, as well as meeting the evolving needs of businesses worldwide.
Although most reinsurance capacity continues to be through proportional covers, there has been a shift toward non-proportional covers for greater tail protection more recently.
The insurance-linked securities (ILS) and catastrophe bond (CAT bond) markets have become important sources of alternative capital and diversification for the market.
In 2024, the cyber-ILS market deployed over $750 mn in 144A cyber cat bonds, including Beazley’s $210 mn PoleStar 2024-3 transaction, one of the largest cyber CAT bonds issued to date.
Threat of Systemic Risks
Large-scale cyber incidents, such as the 2024 CrowdStrike and CDK Global outages, demonstrate the potential for a single point of failure to disrupt industries globally.
These systemic events threaten to overwhelm insurers’ capacity, particularly for business interruption claims, and expose gaps in coverage for cascading supply chain attacks.
Despite the known concerns of systemic cyber risks, the ability to accurately model and quantify these risks will remain an ongoing challenge due to the scale and complexity of an ever-increasing digital landscape.
Additionally, having a dearth of historical data related to large-scale systemic cyber incidents makes validating and refining cyber models more difficult.
AI-Powered Threat Proliferation
While AI enhances cyber defense, it also enables cyber criminals to automate attacks and exploit vulnerabilities at a much larger scale.
AI can enable very convincing and highly personalized attacks against individuals and businesses, which could increase success rates for cyber criminals.
It will be critical for businesses to increase cybersecurity awareness amongst employees within their organizations and adopt AI-driven cybersecurity solutions to counter these evolving cyber threats.
Insurers Face Increasing Risk of Cyber Attacks
Insurance companies have recently been the target of multiple cyber attacks, reflecting a growing threat to the industry.
Insurers with huge amounts of policyholders’ data, loss control information, and other sensitive client information are targets for hackers, and it is crucial for insurers to fortify their systems to prevent fraud, breaches in internal controls, and business disruptions due to cyber risk.
Cybersecurity experts, including those from the Google Threat Intelligence Group, have warned the cybercrime group Scattered Spider is targeting the US insurance industry.
AM Best will continue to monitor these incidents with affected insurers and, as of this briefing, the insurers’ credit ratings have not been impacted.
FAQ
Cyber insurance continues to see high demand due to rising awareness of digital threats and the need for risk transfer solutions. While market rates have declined since 2023, growth is expected to continue, particularly among small and mid-sized enterprises where coverage gaps remain. Global premiums rose 7% in 2025 to $15.3 bn and are forecast to double by 2030.
Despite downward rate trends, insurers are managing to stay profitable through improved underwriting, stricter risk selection, and more active engagement with policyholders. Enhanced cyber hygiene among insureds and growing use of AI-based risk evaluation have helped lower loss ratios and stabilize claims costs.
AI and machine learning models now assess cyber risk in real time by analyzing live network data. This shift away from manual, static questionnaires enables more accurate pricing and responsive premium adjustments based on a company’s evolving security posture. The result is faster, more adaptive underwriting.
Compliance mandates, such as the EU Cybersecurity Act and U.S. frameworks from agencies like CISA, have pushed more businesses to obtain cyber coverage. Companies in regulated sectors—such as finance and healthcare—are especially active buyers as insurers increasingly require alignment with recognized cybersecurity standards.
Reinsurers continue to supply the bulk of capacity, but alternative capital is playing a larger role. In 2025, over $750 mn in cyber catastrophe bonds were issued, including Beazley’s $210 mn PoleStar transaction. The cyber-ILS market is now a growing source of diversification and risk-sharing.
Ransomware remains a leading threat, with reported incidents rising 11% in 2024. Large-scale events like the CrowdStrike and CDK Global outages have raised concern over systemic risks, which could lead to widespread losses. These risks challenge existing modeling capabilities and highlight the need for stronger supply chain protections.
Yes. Insurers are increasingly targeted by sophisticated cybercrime groups due to their access to sensitive policyholder data. Threat actors like Scattered Spider have reportedly focused on the insurance sector. AM Best is monitoring these risks closely but has not adjusted credit ratings as a result of recent incidents.
………………….
AUTHORS: Michael Lagomarsino – Senior Director at AM Best, Valeria Ermakova – Associate Director, Analytics at AM Best, Robert Gabriel – Senior Financial Analyst at AM Best
