News

Cyber insurers warn AI threats are outpacing market pricing

AI-driven attacks are moving faster than cyber pricing, leaving carriers reliant on faster data loops and smarter underwriting software to keep up.

Nina Kowalski··2 min read
Published
Listen to this article0:00 min
Cyber insurers warn AI threats are outpacing market pricing
AI-generated illustration

If cyber rates keep softening while AI-driven attacks are getting sharper and bigger, the weak link may not be the price sheet but the software stack behind it. The market’s calm face is masking a harder problem for carriers: underwriting models, policy administration systems and exposure monitors are struggling to refresh fast enough for a threat landscape that now changes in real time.

The warning sharpened on May 21, 2026, as cyber insurers flagged a prolonged soft pricing cycle that no longer matches the pace of digital risk. Artificial intelligence is accelerating both the sophistication and scale of attacks, turning what once looked like a niche cyber issue into a broader P&C systems problem. When market pricing lags the threat picture, insurers are left with a simple question: can legacy workflows identify new accumulations before losses hit the book?

The numbers show why the concern is rising. Fitch Ratings said on April 15, 2026 that U.S. cyber insurance direct written premiums grew nearly 11% in 2025, driven mostly by volume, with about 34% growth in policies in force. Fitch also said deteriorating incurred direct losses and AI were adding underwriting complexity, and warned that “naive capacity” could erode margins over time. The National Association of Insurance Commissioners put global cyber insurance premium written at nearly $15 billion in 2024, while the U.S. market saw its first-ever reduction in direct written premium, to about $9.14 billion. U.S. claims climbed almost 40% to nearly 50,000 even as policies in force were essentially flat at 4,368,614.

Other market signals point in the same direction. Aon said cyber pricing fell for ten straight quarters and ended the first quarter of 2025 down 7%, even as broader coverage and larger limits remained available. Its U.S. data showed 1,228 reported cyber incidents in 2024, up 22%, and ransomware claim frequency rose even as average payments dropped 77%. Munich Re said the July 2024 CrowdStrike outage, one of the largest IT outages on record, hit airlines, airports, banks, stock exchanges, technology companies and healthcare services, while estimating the global cyber insurance market would reach $16.3 billion in 2025.

AI Cyber Incident Share
Data visualization chart

Gallagher said declining cyber rates mostly stabilized through 2025, with increases in some sectors such as healthcare and renewed concern about systemic risk from cloud outages and supply-chain attacks. QBE’s March-April 2026 survey added another layer of urgency: 29% of businesses said they had experienced at least one cyber incident believed to involve AI, 51% of those involved AI-crafted phishing and 49% involved AI-generated malware or malicious code. With 63% worried about suppliers’ use of AI, vendor exposure is no longer a side issue. For carriers, the next edge will come from tools that can update assumptions faster, connect external risk signals into underwriting decisions and track aggregation risk before the market pricing catches up.

This article was produced by Prism’s automated news system from verified source data, official records, and press releases, then run through automated quality and moderation checks before publishing. The system is built and supervised by the people who set the standards it runs under. Read our full AI policy.

Did this article answer your question?

Discussion

More P&C Insurance Software Articles