While the market remains profitable, deteriorating incurred direct losses and the growing influence of artificial intelligence signal increasing underwriting complexity for property/casualty insurers, says Fitch Ratings.
U.S. cyber insurance direct written premiums grew nearly 11% in 2025, reversing two consecutive years of decline, driven by a surge in policies in force despite softer aggregate pricing.
While the market remains profitable, deteriorating incurred direct losses and the growing influence of artificial intelligence signal increasing underwriting complexity for property/casualty insurers, says Fitch Ratings.
Premium growth in 2025 was primarily volume-driven, with approximately 34% growth in policies in force more than offsetting softer aggregate pricing. This shift reflects greater awareness of cyber exposure and a more competitive underwriting environment.
Demand has strengthened as boards and management teams recognize that cyber events can disrupt operations, trigger legal liabilities, and impair revenue even when direct financial losses are limited.
Coverage uptake, however, remains uneven. Larger, more sophisticated companies are more likely to have meaningful protection, while smaller organizations continue to lag due to budget constraints.
The market remained profitable in 2025. However, a 5 pp deterioration in incurred direct losses indicates that lower rates and broader market participation could erode underwriting margins over time. The risk of ‘naive capacity’ is a key credit risk, where new entrants compete aggressively without sufficient claims history or technical expertise.
Insurers that have invested in specialized underwriting expertise, clearer contract language, tighter aggregation management, and closer integration of cybersecurity assessments into the underwriting process are better positioned. Policy language, particularly around war exclusions, silent cyber exposures, business interruption triggers, and contingent losses tied to vendor outages or infrastructure failures, will also be critical.
The risk landscape has shifted with the partial release of Anthropic’s Mythos model, which has raised concern across financial and cybersecurity communities.
AI is particularly disruptive to cyber risk because traditional vulnerability analysis was labor-intensive and offered limited financial upside for researchers, a gap AI now fills at scale and speed. This lowers barriers for attackers, expands third-party risks and could materially increase attack volume.
While AI improves threat detection, accelerates incident response and enables continuous real-time threat intelligence, vulnerabilities are likely to outnumber patches in the short to medium term.
Despite premium growth, cyber insurance remains a niche segment at approximately 1% of total direct written premiums, limiting its influence on overall multi-line insurer profitability.
The cyber insurance linked security (ILS) market, while growing, represents approximately 1.4% of the $63 billion 144A ILS market, reflecting persistent challenges in modelling cyber risk at a scale acceptable to capital markets investors.