Overview
- Volume, not price, pushed U.S. cyber insurance premium growth
- P&C Cyber Insurance Direct Written Premiums
- U.S. cyber insurance coverage still looks patchy
- Cyber Insurance Market Totals
- Insurers with specialized underwriting teams look better placed
- AI still gives insurers and insureds some upside
- Cyber insurance-linked security market is growing
U.S. cyber insurance direct written premiums rose nearly 11% in 2025, ending two straight years of decline. Fitch Ratings says policy growth drove the rebound, even as aggregate pricing softened.
The market still made money, though incurred direct losses worsened and artificial intelligence added fresh underwriting strain for property/casualty insurers.
The cyber insurance market rebounded, driven by strong demand rather than pricing power. The NAIC overhauled the cyber supplement to the annual statement for 2025 filings, changing from a two-way standalone/packaged split to a there-way primary / excess / endorsement split, according to AM Best. Any US cyber insurance business written by alien insurers is not included.
Key Highlights
- U.S. cyber insurance premiums rose nearly 11% in 2025, mainly due to a ~34% increase in policies in force. Fitch Ratings notes that pricing actually softened, meaning demand fueled growth.
- The market stayed profitable, yet rising claims and a higher loss ratio (including defense and cost containment expenses) signal tightening margins as competition increases and rates decline.
- Artificial intelligence is a double-edged sword: it improves detection and response but also enables attackers to scale faster. Developments like Anthropic Mythos model highlight how AI could materially increase cyberattack frequency.
- 50% of small and medium-sized businesses remain underinsured due to limited budgets. Beinsure identifies this gap as a key driver for future market expansion.
Volume, not price, pushed U.S. cyber insurance premium growth
Policies in force climbed about 34%, more than enough to offset weaker aggregate pricing. According to Beinsure analysts, the shift points to broader awareness of cyber exposure and a tougher competitive market.
Boards and management teams increasingly see cyber events as a threat to operations, legal liability, and revenue, even when direct financial losses stay limited.
The premium decline was nearly identical to the year-over-year decline in pricing, indicating there was little change in cyber risk exposure from 2023 to 2024 (see 2025 Global Cyber Risk Report).
With an increase in claims accompanying the drop in premium, the loss ratio, including defense and cost containment (DCC) expenses, did increase.
P&C Cyber Insurance Direct Written Premiums
Revisions to the CIAB’s filing requirements for the statutory supplement for U.S. cyber insurance begininng in 2024; while the categories have changed, the totals are still comparable.
U.S. Cyber Insurance Market – Key Metrics
| Metric | Value / Trend | Insight |
| Premium Growth | +11% | Driven by policy volume, not pricing |
| Policies in Force | +34% | Strong demand and broader adoption |
| Pricing | Declined | Competitive pressure in the market |
| Loss Ratio | Increased | More claims + lower premiums |
| Profitability | Still positive | But margins are tightening |
Premiums are now broken down
Premiums are now broken down into three categories (primary, excess, and endorsement) versus two categories (standalone and package) for prior years. RHS – Right-hand side. LHS – Left-hand side.
According to Munich Re, global cyber insurance premiums grew by 7% in 2025 to $15.3 bn and are projected to grow at an average annual growth rate of more than 10% through 2030, leading to a doubling in market size relative to its current scale.
This is despite a modest decline in US cyber insurance direct written premiums in 2024. A significant area of potential growth in the US will stem from cyber insurers addressing the protection gap, especially among small and medium-sized enterprises (SMEs), as many smaller businesses currently lack the proper safeguards or adequate coverage to protect themselves, Beinsure noted.
U.S. cyber insurance market structure & competition
| Factor | Trend / Change | Impact |
| New Entrants | Increasing | Adds competition, pricing pressure |
| “Naive Capacity” Risk | Rising | Highlighted by Fitch Ratings |
| Underwriting Expertise | Key differentiator | Specialized insurers perform better |
| Policy Wording Importance | Increasing | Critical for managing complex risks |
This presents a major opportunity for market expansion as awareness and adoption of cyber insurance continue to rise within the SME segment.
Between 2017 and 2022, the cyber market expanded at an impressive 32% annual rate. Global premiums doubled from 2017 to 2020 and then doubled again from 2020 to 2022, with projections initially anticipating this robust growth to continue.
Despite this, forecasts still suggest 20% annual growth, often presented as a near certainty. While this sounds promising, the question remains: is it realistic? Swiss Re’s data sheds light on the shifting market forces.
U.S. cyber insurance coverage still looks patchy
Larger and more sophisticated companies tend to buy meaningful protection. Smaller organizations still lag, often because budgets aren’t there.
The U.S. cyber insurance market stayed profitable in 2025, though signs of pressure showed up. A 5 pp rise in incurred direct losses suggests lower rates and wider market participation will chip away at underwriting margins over time.
Fitch flags naive capacity as a credit risk, with new entrants competing hard without enough claims history or technical expertise.
Cyber Insurance Market Totals
| Category | Premiums ($mn) | Chg (%) | Market Share (%) | Comb Ratio |
| Top 5 | 2,153.1 | -5.8 | 30.4 | 71.6 |
| Top 10 | 3,509.2 | 2.3 | 49.6 | 75.2 |
| Top 20 | 5,393.3 | 2.7 | 76.2 | 78.1 |
| Total P&C Market | 7,075.2 | -2.3 | 100.0 | 72.7 |
In 2022-2024 the cyber insurance market hit a tipping point. Strong rates and improved profitability prospects of cyber portfolios increased the appetite of incumbent market participants and attracted a series of new entrants into the cyber insurance market, accoding to Cybersecurity Spending Trends.
Increased competition – initially on excess layers and later primary business as well – reversed the rate and exposure cycle in 2023.
And rate reductions counter-balanced a lot of the organic growth.
Insurers with specialized underwriting teams look better placed
The same goes for carriers with clearer contract wording, tighter aggregation management, and closer use of cybersecurity assessments in underwriting.
Policy wording matters a lot here, especially around war exclusions, silent cyber exposure, business interruption triggers, and contingent losses tied to vendor outages or infrastructure failures.
The risk picture shifted again with the partial release of Anthropic’s Mythos model. That move raised concern across cybersecurity and financial circles.
Cyber risk Ddrivers
| Risk Factor | Trend | Effect |
| Artificial Intelligence | Rapid expansion | More attacks, faster exploitation |
| Ransomware | Systemic threat | Increasing frequency and severity |
| Third-party Dependencies | Growing | Higher systemic risk exposure |
| Vulnerabilities vs Patches | Imbalance | More exploitable weaknesses |
AI still gives insurers and insureds some upside
AI changes cyber risk because vulnerability analysis used to be labor-heavy and offered limited financial upside for researchers. AI fills that gap at scale, fast. It lowers barriers for attackers, widens third-party risk, and could lift attack volume in a material way.
It improves threat detection, speeds incident response, and supports continuous real-time threat intelligence.
Even so, according to our data, vulnerabilities are likely to outnumber patches over the short to medium term. That leaves insurers in a rough spot, profitable for now, though facing a messier risk set.
Cyber insurance remains a niche line despite the premium rebound. It accounts for about 1% of total direct written premiums, which limits its effect on profitability across multi-line insurers.
Ransomware is no longer a marginal cyber risk
It has become a systemic threat, driven by the rapid expansion of cloud infrastructure, widespread AI adoption, and growing dependence on third-party technology providers.
Organisations across every major sector now operate in highly connected digital ecosystems where a single weak link can expose thousands of downstream users.
Ransomware attacks are set to rise sharply, with victims publicly named on leak sites expected to climb from 6,000 in 2025 to more than 7,000 by the end of 2026. The jump marks a fivefold increase since 2020, when only 1,412 victims appeared on those sites.
Cyber insurance market gaps & opportunities
| Segment | Status | Opportunity |
| Large Enterprises | Well insured | Stable demand |
| SMEs | Underinsured | Major growth potential |
| Cyber ILS Market | ~1.4% of $63bn ILS market | Early-stage expansion |
| Market Penetration | ~1% of total P&C premiums | Significant room to grow |
Cyber insurance-linked security market is growing
The cyber insurance-linked security market is growing too, though it still makes up only about 1.4% of the $63 bn 144A ILS market.
According to Beinsure, that share shows how hard it still is to model cyber risk at a scale capital markets investors will accept.
Insurance-Linked Securities (ILS) have played a key role in allowing catastrophe risk to be transferred from the commercial insurance market to investors, providing much needed additional (re)insurance capacity. There has been talk for years about the potential of cyber ILS to transform the cyber insurance market.
Cyber insurance is typically written on a claims-made basis which naturally reduces the development tail for all losses, both first and third party.
With certain limitations, negotiated collateral release mechanisms can enable capital to be freed up efficiently.
Ultimately, the extent to which the cyber ILS community embraces each of the three trigger types will depend on several factors.
Education about cyber risk and the underlying coverages is key for new investors, and due diligence will take time.
Price is obviously paramount: protection buyers will expect a discount over UNL pricing in return for accepting the basis risk associated with parametric and index products, which might fall short of sellers’ expectations, even in a hard reinsurance market.
The cyber insurance market is set to continue growing and the insurance market penetration is increasing in established and emerging markets alike. There are limits to traditional market capacity to take on this extra demand and each of these cyber ILS triggers have a role to play.
According to Fitch Ratings, capital markets solutions for cyber reinsurers present the potential for counterparty diversification and an opportunity to lessen “tail risk” for a rapidly growing product line of property & casualty insurance.
Wider development of the cyber risk transfer market requires further maturation of the product, including greater standardization of coverage terms and policy language, price discovery and risk modelling applications.
Cyber risk is difficult to assess due to the dynamic, man-made root causes of claims. Challenges include a lack of widely accepted modelling tools and a limited data set of historical claims where past events are not necessarily indicative of future risks.
While profitability persists, rising claims, intensifying competition, and evolving risks (especially from AI and ransomware) are creating a more challenging underwriting environment.
Despite these pressures, long-term growth prospects remain solid, particularly as insurers expand into underserved segments like SMEs and explore new risk transfer solutions.
FAQ
Premiums rose by nearly 11% primarily due to increased policy volume rather than higher prices. According to Fitch Ratings, a 34% rise in policies in force offset softer pricing, signaling stronger demand and broader awareness of cyber risks
Yes, the market remained profitable in 2025. However, profitability is under pressure as incurred losses increased and pricing softened. Rising claims and higher loss ratios suggest margins may tighten over time.
The National Association of Insurance Commissioners (NAIC) updated reporting requirements, shifting from two categories (standalone vs. packaged) to three: primary, excess, and endorsement. AM Best noted that despite this change, overall totals remain comparable.
AI is increasing risk by lowering barriers for cyber attackers and accelerating vulnerability discovery. At the same time, it benefits insurers by improving threat detection and response. The release of models like Anthropic Mythos model has heightened concerns about rising attack volumes.
A major opportunity lies in small and medium-sized enterprises (SMEs), which remain underinsured. Firms like Beinsure highlight this “protection gap” as a key driver of future market expansion.
Global premiums reached $15.3 bn in 2025, growing about 7%, according to Munich Re. Long-term projections suggest over 10% annual growth through 2030, potentially doubling the market size.
Key risks include rising ransomware attacks, increased competition, and limited historical data for modeling. Swiss Re points out that unrealistic growth expectations and “naive capacity” from new entrants could further strain underwriting discipline.
………………..
AUTHOR: Nataly Kramer – Lead Insurance Editor at Beinsure, Edited by Peter Sonner, Lead Tech Editor at Beinsure, Fact checked by Oleg Parashchak
