Cyber losses hit $16 billion, but most programs still reflect outdated risk | Insurance Business
Rising severity, not volume, drives cyber losses, with fraud schemes causing largest financial impact
Cyber risk hasn’t just grown, but has changed shape.
US internet crime losses reached approximately $16.1 billion in 2024, even as total complaint volumes moderated; Cyber risk is becoming less about volume, and more about severity.
But for insurance risk managers, the shift is not uniform.
Insurance Business Industry Report on the US Cyber Line of Business, and its figures on internet crime severity, shows that phishing and spoofing dominate incident counts, with nearly 200,000 reported cases. Yet loss figures reveal a very different story: investment fraud and business email compromise drive the largest financial impact, with multi-billion-dollar loss totals, while tech-support fraud has emerged as one of the fastest-growing severity categories.
This divergence matters for insurance: The highest-frequency events are not the highest-cost events, and many of the highest-cost events sit at the edge of traditional cyber coverage.
Other chapters of the report connect this directly to insurance performance:
- Claims have risen sharply
- Claim frequency has materially increased
- Expected loss per policy remains elevated despite moderation in severity
Cyber insurance is now a high-utilization product, increasingly driven by deception-led financial losses, not just data breaches.
For risk managers, this creates a gap between:
- What policies were designed to cover (breach response, data restoration)
- Where losses are actually occurring (fraud, funds transfer, social engineering)
The result is a growing need for engineered coverage:
- Carefully structured sublimits for social engineering and funds transfer
- Alignment between cyber and crime policies
- Retentions and controls calibrated to real loss drivers
The takeaway is clear: cyber insurance is a designed component of enterprise risk strategy, requiring alignment between controls, coverage, and evolving threat patterns.
The Insurance Business Cyber LOB Report, “The U.S. Cyber Insurance Market: Evolution of Underwriting, Claims and Strategy,” provides a comprehensive view of the market across six chapters, covering market structure, underwriting performance, carrier scorecards, and the evolving cyber risk environment. It is supported by 20+ figures including premium, claims, and state-level data; and a full data appendix, enabling readers to benchmark performance and apply insights directly to underwriting, placement, and portfolio decisions.
Benchmark your program against the FBI’s latest loss data and the report’s coverage insights. Download the Insurance Business Cyber LOB Report to ensure your cyber strategy reflects today’s $16 billion risk landscape—not yesterday’s assumptions.
Get the complete report here.
Related Stories
