Key Takeaways
- U.S. cyber insurers posted an 11% increase in direct written premiums in 2025, reversing a two‑year decline.
- Growth was volume‑driven: policies‑in‑force rose 35%, while aggregate pricing remained soft.
- Fitch Ratings highlights emerging underwriting concerns tied to artificial intelligence, especially Anthropic’s “Mythos” model, which can accelerate threat intelligence and incident‑response capabilities for attackers.
- AI lowers barriers for cyber‑criminals, expands third‑party risk, and could substantially raise attack volume.
- Insurers are responding by tightening contract language—particularly around war exclusions, silent cyber, business interruption, and contingent losses—and integrating deeper cybersecurity assessments into underwriting.
- Overall demand is strengthening as boards and management recognize that cyber events can disrupt operations, trigger legal liabilities, and impair revenue even when direct financial losses are modest.
- A more detailed market analysis from Fitch is expected this summer, offering further insight into trends and risks.
Market Growth Overview
After a period of contraction, the U.S. cyber insurance market rebounded in 2025 with direct written premiums climbing 11%. This turnaround signals renewed confidence among insurers and policyholders alike. The expansion was not fueled by higher rates but by a surge in the number of policies sold, reflecting a broader adoption of cyber coverage across industries. Fitch Ratings notes that the increase in premium volume underscores a shift toward proactive risk management, as organizations seek financial protection against an ever‑evolving threat landscape. The modest pricing environment suggests that competition remains intense, prompting carriers to differentiate through service enhancements and more precise risk selection rather than relying on price hikes alone.
Drivers of Premium Increase
The primary catalyst behind the premium growth was a 35% rise in policies‑in‑force, indicating that many firms—especially mid‑size enterprises—have newly acquired or expanded cyber insurance. This volume‑centric growth points to heightened awareness of cyber exposures among buyers, who now view coverage as a essential component of their risk‑management portfolios. While larger corporations continue to maintain higher penetration rates, the gap is narrowing as smaller organizations recognize the potential financial and operational fallout from cyber incidents. The soft aggregate pricing environment, coupled with rising policy counts, suggests that insurers are competing aggressively for market share, leveraging improved underwriting analytics and tailored product offerings to attract new clients.
AI and Emerging Threats
Artificial intelligence is reshaping the cyber risk landscape in ways that traditional vulnerability management cannot easily counter. Fitch warns that AI tools lower the technical barrier for attackers, enabling rapid development and deployment of sophisticated exploits. Because AI can automate reconnaissance, vulnerability discovery, and even the crafting of phishing lures, the volume of potential attacks is poised to increase dramatically. This shift threatens to outpace the ability of defenders to patch vulnerabilities, creating a window where exploits outnumber fixes. Consequently, insurers must reassess how they model cyber risk, incorporating the accelerated threat velocity that AI introduces into loss‑frequency estimates.
Impact of Anthropic’s Mythos Model
A specific development drawing scrutiny from both financial and cybersecurity experts is Anthropic’s “Mythos” model. According to Fitch, Mythos excels at processing cyber threat intelligence and automating incident‑response workflows, capabilities that, when misused, can significantly boost the efficiency of malicious actors. The model’s ability to analyze vast datasets at speed means that threat actors can identify exploitable weaknesses faster than ever before, potentially turning what once required weeks of manual effort into a matter of hours. This dynamic exacerbates third‑party risk, as supply‑chain partners may inadvertently become vectors for AI‑enhanced attacks, further complicating the underwriting equation for cyber insurers.
Underwriting Response and Policy Language
In light of these evolving threats, insurers are actively refining their underwriting practices. Fitch emphasizes that contract language will be a critical lever, particularly concerning war exclusions, silent cyber provisions, business interruption coverage, and contingent loss clauses. By clarifying what is and is not covered under various cyber scenarios, carriers aim to reduce ambiguity and manage exposure more effectively. Additionally, underwriters are integrating deeper cybersecurity assessments—such as third‑party security ratings, penetration test results, and maturity model evaluations—into the risk selection process. These measures help insurers differentiate between organizations with robust defensive postures and those that remain vulnerable to AI‑driven threats.
Demand Drivers and Organizational Awareness
Beyond technical factors, demand for cyber insurance is being bolstered by a growing recognition among boards and executive teams that cyber incidents can inflict harm beyond direct financial theft. Operational downtime, regulatory penalties, reputational damage, and litigation costs can all arise even when monetary losses appear limited. This broader view of cyber risk has prompted more organizations to treat insurance as a strategic safeguard rather than a mere compliance checkbox. As a result, insurers are seeing renewed interest from sectors previously considered low‑risk, including manufacturing, healthcare, and professional services, where supply‑chain dependencies and data privacy obligations amplify potential fallout from a breach.
Future Outlook and Upcoming Analysis
Looking ahead, Fitch Ratings plans to release a more comprehensive analysis of the cyber insurance market later this summer. That report is expected to delve deeper into the interplay between AI advancements, underwriting profitability, and loss trends, offering stakeholders a clearer picture of how the sector may evolve. Insurers will likely continue to balance growth ambitions with prudent risk management, leveraging data‑driven insights and adaptive policy language to navigate a landscape where artificial intelligence both creates new opportunities and amplifies existing threats. The next several quarters will be pivotal in determining whether the current premium growth can be sustained amid rising AI‑enabled cyber challenges.