Advisory and Financial Services · US · NAICS 524126

Cyber Liability Insurance in the US: Market Size, Businesses & Forecast 2026

The Cyber Liability Insurance industry in the United States comprises carriers and underwriters that assume the financial risks associated with data breaches, system interruptions, and network security failures. Following a period of aggressive premium growth driven by high ransomware activity, the market has transitioned into a softening phase characterized by increased carrier capacity and declining rates. Reflecting this shift, the industry generated total direct written premiums of $9.14 billion in 2024 according to the National Association of Insurance Commissioners (NAIC), marking its first-ever annual contraction. Moving forward, the industry is focused on refining risk-modeling metho

Businesses · 2025
13k
Outlook
Growing
Competition
High, rising

Industry snapshot

Demand drivers
Cybercrime Financial Losses
Carrier Capital Capacity
Data Privacy Regulations
Ransomware and BEC Frequency
Relative importance, Claight qualitative assessment.
Market structure
fragmented
moderate
concentrated
Competitive intensity
high, rising
Need custom research on Cyber Liability Insurance in the US? Our analysts tailor the numbers to your question.
Connect to an analyst →

Key public data points

U.S. Cyber Insurance Direct Written Premiums (2024)9.14 billion USD
Source: National Association of Insurance Commissioners (NAIC) 2025 Cybersecurity Insura
U.S. Cyber Insurance Active Policies in Force (2024)4,368,614 policies
Source: National Association of Insurance Commissioners (NAIC) 2025 Cybersecurity Insura
U.S. Cyber Insurance Claims Reported (2024)50,000 claims
Source: National Association of Insurance Commissioners (NAIC) 2025 Cybersecurity Insura
U.S. Cyber Insurance Average Loss Ratio (2024)49.0 percent
Source: American Academy of Actuaries / Aon 2024 U.S. Cyber Market Update

Historical & forecast

Base year 2025. Each series is official through its own latest government-data year (shown in the legend on each chart), and years beyond that are Claight estimates. As of July 2026 the current year is still in progress (2026 annual data is not yet published), so the forecast runs to 2030.

Number of businesses
Base year 2025
Official data (2016-2025) · BLS QCEWForecast
Forecast
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2025 base: 12,6932030 est: 13,033
Employment
Base year 2025
Official data (2016-2025) · BLS QCEWForecast
Forecast
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2025 base: 452,2822030 est: 438,025
Talk to a Claight analyst
Do you want to research Cyber Liability Insurance in the US?

Get in touch and our analysts will be happy to help with custom market sizing, deeper segmentation, supplier detail or a bespoke study built for you.

Connect to an analyst →

Industry Definition and Scope

What does the Cyber Liability Insurance in the US industry cover?

The industry specializes in underwrite-driven risk transfer mechanisms designed to protect corporate and institutional policyholders from the financial fallout of digital threats. Policies are broadly structured into first-party coverages, which reimburse direct expenses such as incident response, data restoration, and business interruption, and third-party liability coverages, which defend against legal claims and regulatory penalties. Carriers evaluate an organization's perimeter security, internal controls, and data hygiene practices to determine premium rates and coverage limits.

  • First-party coverage addresses immediate costs from extortion, forensic analysis, and operational downtime.
  • Third-party liability manages litigation defense, regulatory settlements, and mandatory class-action notifications.
  • Standalone policies represent approximately 69% of written premiums, while package policies account for the remaining 31% according to the NAIC.

Market Structure and Operators

Who operates in the industry and how is it structured?

The U.S. cyber insurance ecosystem operates as a distinct segment within the broader property and casualty insurance sector. Risk is distributed between primary domestic admitted insurers, domestic surplus lines carriers who handle non-standard risk, and alien surplus lines insurers who write coverage from foreign jurisdictions. A notable portion of the market relies on the surplus lines segment due to the volatile and evolving nature of digital risks which requires flexible policy terms outside standard state regulations.

  • Domestic surplus lines accounted for 57% of the market share in 2024, experiencing an increase from the previous year.
  • Alien surplus lines, primarily represented by syndicates operating via Lloyd's of London, supply significant capacity to the U.S. market.
  • There were 218 U.S. insurers actively reporting direct written cyber insurance premiums to insurance regulators in 2024.
Want a deeper cut on Cyber Liability Insurance in the US? We build bespoke studies on request.
Connect to an analyst →

Demand Drivers

What drives demand in the industry?

The fundamental driver of industry demand is the escalating financial and operational severity of global cybercrime. Organizations face broad exposure due to expanded cloud migrations, remote work frameworks, and systemic supply chain vulnerabilities. Rather than seeing a decline in risk, the necessity for financial protection is reinforced by surging litigation and multi-million dollar data breach settlements across public and private sectors.

  • Reported financial losses from Business Email Compromise (BEC) attacks surpassed $3.1 billion according to the FBI Internet Crime Report.
  • The frequency of corporate cyber insurance claims jumped nearly 40% in 2024, reaching close to 50,000 reported claims.
  • Major corporate cyber events, such as the 2024 AT&T data breach, led to high-profile liabilities including a $177 million settlement resolved in 2025.

Competitive Landscape and Notable Public Companies

Who are the notable companies in the industry?

Competition within the U.S. cyber liability market has intensified as favorable historical loss ratios have drawn new underwriting capital into the space. The industry is evolving from a highly concentrated layout to a more distributed environment as mid-tier carriers expand their portfolios. Underwriters increasingly differentiate themselves by providing integrated pre-breach risk assessment tools and continuous network monitoring services alongside conventional financial indemnity.

  • The top five cyber insurance carriers accounted for approximately 30% of the U.S. market share in 2024, down from 48% recorded in 2020.
  • Beazley plc, a prominent specialist cyber underwriter, reported a negative 6.8% cyber-specific rate change in the first half of 2025 due to competitive pricing pressures.
  • Chubb Limited, American International Group Inc. (AIG), and Travelers Companies Inc. operate as major direct property and casualty underwriters providing comprehensive commercial cyber coverage lines.

Recent Trends and Outlook

What are the recent trends and outlook?

The industry is experiencing a notable soft market cycle where premium rates have turned negative despite a higher overall volume of claims. To maintain profitability, insurers are expanding coverage options and lowering deductibles while simultaneously standardizing mandatory defense exclusions. Looking ahead, carriers are heavily investing in artificial intelligence tools to optimize real-time underwriting analytics and mitigate systemic risk concentrations.

  • U.S. cyber insurance premiums declined by approximately 7% in 2024 to $9.14 billion, moving down from $9.84 billion in 2023.
  • Average quarterly cyber insurance rates in the U.S. fell by 5% in the final quarter of 2024, ending seven consecutive years of price hikes.
  • The market aggregate loss ratio stood at a profitable yet elevated 49% in 2024 according to actuarial tracking.
Building a business case around Cyber Liability Insurance in the US? Talk to a Claight analyst.
Connect to an analyst →

Regulation and Compliance

How is the industry regulated?

Regulatory compliance serves as a primary structural driver for cyber policy adoption across the United States. State-level departments of insurance monitor carrier solvency and policy forms to protect corporate consumers from systemic market failures. Furthermore, state and federal mandates regarding public company disclosure and consumer data privacy enforce a legal baseline that directly impacts underwriter loss costs and litigation exposure.

  • The NAIC Cybersecurity Working Group continuously reviews data reporting standards and updates the Property & Casualty Annual Statement Supplement.
  • The NAIC Insurance Data Security Model Law (IDSM) continues to be adopted across various states, setting rigorous data governance guidelines for licensees.
  • State privacy frameworks, exemplified by multi-million dollar actions such as Texas's $1.4 billion settlement with Meta over biometric privacy, highlight the expanding liabilities underwritten by carriers.

Sources

Government, statistical and trade sources used for this Claight analysis.

  • National Association of Insurance Commissioners (NAIC) 2025 Cybersecurity Insurance Report ·
  • American Academy of Actuaries / Aon 2024 U.S. Cyber Market Update (Published 2025) ·
  • Federal Bureau of Investigation (FBI) Internet Crime Report 2024

Claight analysis of public industry data.