- 2025 U.S. Cyber Insurance Premiums: $7.5 billion (largely due to accounting shifts)
- Industry-Wide Loss Ratio: 53.0% (first time above 50% since COVID-19 pandemic)
- Surplus Lines Carriers' Incurred Loss Ratio: 55.9% (vs. 50.2% for admitted carriers)
Experts warn of a dangerous disconnect between falling cyber insurance prices and rising losses, signaling potential market instability as claims frequency and litigation costs escalate.
Cyber Insurance's Dangerous Game: Prices Fall as Losses Mount
OLDWICK, NJ – June 26, 2026 – A fundamental law of economics appears to have been suspended in the U.S. cyber insurance market. As losses mount and claims frequency soars, prices are falling. This dangerous paradox, highlighted in a new market segment report from A.M. Best, signals a period of profound instability for an industry tasked with underwriting the digital age's most dynamic threat.
On the surface, the market shows modest growth, with overall premiums inching up to $7.5 billion in 2025. But this figure is misleading. According to A.M. Best, the increase is largely an accounting mirage, stemming from large companies moving their cyber business from offshore captives to U.S.-domiciled entities. The underlying domestic market is flat, a concerning stagnation for a segment facing escalating risk.
More alarming is the industry-wide loss ratio, which climbed for the second straight year to 53.0%. This is the first time the ratio has breached the 50% threshold since the chaotic early days of the COVID-19 pandemic, when a sudden shift to remote work exposed widespread security vulnerabilities. That period triggered an immediate and severe market hardening, with skyrocketing premiums. This time, the dynamic is inverted. “The loss ratio increase is occurring as pricing is still declining and even accelerating the decline,” noted Christopher Graham, a senior industry analyst at A.M. Best. It’s a disconnect that cannot hold.
The Quiet Takeover of Surplus Lines
Underneath this top-line turbulence, a structural transformation is reshaping the strategic rationale of cyber coverage. The market has effectively split in two. On one side are traditional, or “admitted,” carriers who increasingly package cyber coverage as an endorsement on broader commercial policies. On the other are the more agile “surplus lines” carriers, who now dominate the landscape for standalone, specialized cyber policies. These insurers have consistently grown their share to command nearly two-thirds of the entire cyber insurance market by premium.
This shift is not accidental. Surplus lines carriers operate with greater regulatory freedom, allowing them to customize policies and price risks that admitted carriers, bound by stricter state-level oversight, are often unwilling to take on. During the hard market of 2020-2022, as ransomware attacks surged, standard insurers retreated. Surplus lines carriers stepped into the breach, offering coverage for complex, high-risk, and emerging threats. They became the market’s innovation lab and risk-absorber of last resort.
However, this strategic position comes with exposure. The A.M. Best report reveals the incurred loss ratio for surplus lines carriers stands at 55.9%, significantly higher than the 50.2% for admitted carriers. This gap suggests surplus lines are underwriting business “prone to a longer tail for which losses take longer to settle,” as Graham observed. They are insuring the complex, protracted, and litigious aftermath of cyber incidents—a trend that is accelerating.
A Paradox of Price and Peril
The current market softness is a direct reaction to the previous hard market. Faced with punitive premium hikes, companies were forced to dramatically improve their cyber hygiene, implementing controls like multi-factor authentication (MFA) and endpoint detection and response (EDR) as a condition of coverage. This, combined with an influx of new insurance capacity, created intense competition and drove prices down. Some indices show cyber rates declining for ten consecutive quarters.
But this buyer's market for premiums masks a seller's nightmare in claims. While improved defenses may have moderated the severity of some incidents, the frequency of attacks is exploding. Data from the National Association of Insurance Commissioners (NAIC) shows claims frequency jumped by nearly 40% in 2024. This deluge is driven by the relentless industrialization of cybercrime and, more significantly, a burgeoning litigation machine that follows every major breach.
This “frequency versus severity” paradox is at the heart of the market’s instability. While an individual ransomware payment may be lower, the sheer volume of incidents, coupled with the spiraling costs of third-party liability, is pushing total losses upward, eating away at the declining premium base.
The Long Tail of Litigation
The most significant driver of the rising loss ratio is the weaponization of data breach litigation. Third-party claims are growing rapidly, particularly in the surplus lines segment. According to industry data, data breach class-action lawsuits nearly tripled in 2024. The plaintiff’s bar has identified cyber incidents as a lucrative frontier, adapting mass-tort strategies to pursue digital negligence claims with vigor.
Courts are increasingly sympathetic, certifying class actions at a higher rate and validating “risk of future harm” arguments. This legal momentum is compounded by supply chain vulnerabilities. Incidents like the MOVEit file-transfer breach created a “hub-and-spoke” litigation model, where a single vendor’s failure triggers lawsuits against hundreds of their clients. Furthermore, new legal theories are constantly emerging, with thousands of lawsuits filed over the use of website pixel trackers, alleging privacy violations completely separate from a data breach.
This is the “long tail” that surplus lines carriers are insuring. The costs are no longer just about forensic investigation and credit monitoring; they are about multi-year legal battles and nine-figure settlements. This escalating legal risk makes sustainable pricing an actuarial nightmare, especially when market competition is pushing rates in the opposite direction.
The Next Frontier: Small Business Risk and Reward
As the market for large enterprises matures, insurers are looking to the small and medium enterprise (SME) sector for growth. The opportunity is immense: a market valued at over $8 billion today is projected to exceed $60 billion by 2034. Yet this frontier is fraught with peril. SMEs are disproportionately targeted by cybercriminals but remain vastly underinsured, with fewer than 20% carrying dedicated cyber coverage.
For insurers, this presents a classic aggregation risk problem. A single successful attack on a managed service provider (MSP) or a vulnerability in a software platform used by thousands of small businesses could trigger a catastrophic wave of simultaneous claims, overwhelming a carrier’s balance sheet. Effectively underwriting and pricing this segment—while managing systemic risk—is the next great strategic challenge. It will require innovative models that, like those pioneered by firms such as At-Bay and RiskQ, blend insurance with proactive security services.
For now, the cyber insurance market remains caught in a precarious balance. The discipline imposed during the last hard market has created a temporary pricing reprieve for buyers. But the underlying risk factors—from claims frequency to litigation—are all trending in the wrong direction. Without a correction that realigns price with risk, the current stability will prove to be an illusion.
📝 This article is still being updated
Are you a relevant expert who could contribute your opinion or insights to this article? We'd love to hear from you. We will give you full credit for your contribution.
Contribute Your Expertise →