Global credit rating agency, AM Best, has reaffirmed a stable outlook for the global cyber insurance market heading into 2025, citing a convergence of strong demand, capital inflows, and technological progress.
Despite emerging threats and a modest market softening since 2023, the sector is expected to maintain profitability and exhibit continued resilience.
According to AM Best’s comprehensive review, reported by Reinsurance News, the global cyber insurance market is navigating a complex risk environment marked by both persistent cyber threats and promising innovations. The report outlines how evolving dynamics such as improved policyholder cyber hygiene, increased use of artificial intelligence in underwriting, and expanding regulatory frameworks—are shaping the market’s trajectory.
Although the market has seen a degree of rate softening since 2023, demand for cyber insurance remains robust. AM Best projects sustained growth, with premium volumes and underwriting profitability expected to hold over the medium term, even amid intensifying competition among insurers.
A key driver of this resilience is the increasing awareness and adoption of cyber insurance among businesses, particularly those operating under stringent data privacy regulations. The SME segment is identified as a high-potential growth frontier, as many small and mid-sized enterprises continue to remain underinsured or without adequate cyber protection.
Insurers are reporting improved loss ratios, attributed in part to strengthened cyber security measures among policyholders. This, AM Best notes, has helped mitigate vulnerabilities and reduce the frequency and severity of claims, enhancing insurer performance.
Simultaneously, the market is being buoyed by significant capital inflows from both traditional reinsurers and alternative capital providers. These include insurance-linked securities (ILS), cyber catastrophe bonds, and non-proportional reinsurance structures that offer enhanced protection against large-scale losses.
In 2024 alone, cyber catastrophe bond issuances exceeded USD 750 million. Among these was Beazley’s landmark USD 210 million PoleStar 2024-3 transaction—one of the sector’s largest deals to date—demonstrating growing investor appetite for cyber risk-linked instruments.
Artificial intelligence is increasingly transforming how insurers assess and price cyber risk. AM Best highlights the shift from traditional, manual underwriting processes to real-time, API-driven assessments that facilitate dynamic pricing, more accurate risk selection, and continuous monitoring of insureds’ cyber posture.
This evolution is expected to enhance underwriting precision and operational efficiency while aligning premiums more closely with evolving risk landscapes.
However, AM Best also cautions that the same AI tools being leveraged by insurers are now being deployed by cybercriminals to scale and personalize attacks, including highly targeted ransomware campaigns and business email compromise (BEC) schemes.
Regulatory developments continue to be instrumental in driving cyber insurance uptake. AM Best points to frameworks like the European Union’s Cybersecurity Act and mandates from the Cybersecurity and Infrastructure Security Agency (CISA) in the U.S., which are setting stricter cybersecurity standards for industries such as healthcare and financial services.
These policies are compelling organisations to integrate cyber insurance into broader risk management strategies to remain compliant and operationally secure.
Despite these advances, AM Best warns that ransomware, BEC, and funds transfer fraud (FTF) remain the dominant sources of cyber claims globally. Ransomware incidents alone rose by 11 percent in 2024, with the United States continuing to be the most heavily targeted country.
Compounding this are systemic risks arising from the interconnected nature of digital systems. AM Best highlights how cyber incidents in one part of the ecosystem such as global outages seen in 2024 involving CrowdStrike and CDK Global can trigger cascading effects that overwhelm insurers and lead to significant business interruption claims.
Quantifying such systemic cyber risk remains a major challenge, largely due to the limited availability of historical loss data and the rapidly evolving threat landscape.
Insurers themselves become targets
The report also points to a concerning trend stating that the insurance industry itself is increasingly in the crosshairs of cybercriminals. Due to their possession of sensitive client data, insurers have become high-value targets, prompting urgent calls for stronger internal cybersecurity frameworks.
Recent breaches affecting insurers underscore the critical need for robust defenses to prevent operational disruptions and protect policyholder information.
Overall, AM Best’s 2025 outlook paints a picture of a maturing but resilient cyber insurance market. While threats remain prevalent and the risks more sophisticated, the sector benefits from continued demand growth, innovation in risk assessment, and the strategic deployment of capital.
Global cyber premiums rose by 7 percent in 2024 to reach an estimated USD 15.3 billion, according to Munich Re data cited in the report. AM Best expects these premiums to grow at an average annual rate above 10 percent through 2030, driven largely by increasing international adoption, particularly across Europe and Asia.
The U.S. remains the dominant player, currently accounting for 59 percent of global cyber premiums, but AM Best anticipates international markets will gain greater share as awareness and regulation mature in other regions.
Importantly, the report noted the development of Zero Trust models security frameworks that continuously verify user and device legitimacy—is gaining momentum as a defense strategy against sophisticated threats.
Commenting on the report, Robert Gabriel, senior financial analyst, AM Best, stating “Fundamentally, the market’s expansion is underpinned by increasing awareness of cyber risk and the need for risk transfer solutions to protect against the growing threat of cyber crime. Heightened awareness of cyber threats also has motivated insureds to strengthen their cyber hygiene, leading to more robust defenses and swifter incident responses, which in turn has helped to reduce potential losses.”
