Could Government Reinsurance Boost Cyber Insurance?

by

Estimated reading time: 4 minutes

Old wooden merchant ship sailing through digital storm of binary code and cyber threat icons, symbolizing cyber insurance.
Ancient Lessons Inspire Modern Cyber Insurance Fix

For millennia, societies have relied on insurance to hedge against uncertainty. Ancient Romans pooled funds for fallen legionnaires. Merchants of old took out “bottomry” loans, which were forgiven if pirate raids sank their ships. Today’s cyber insurance market draws from these deep roots but faces modern challenges. This is the vision presented by Nick Leiserson, former cyber policy leader at the Office of the National Cyber Director. His June 2025 report for the Foundation for Defense of Democracies outlines how a federal reinsurance program could help the cyber insurance market mature. You can read the full report here. Below is our takeaway.

The Market’s Growing Pains

Cyber insurance has boomed for two decades. Global premiums now exceed $14 billion, with the U.S. market leading the way. Insurers help clients recover from attacks. They also encourage better cybersecurity practices. But significant problems persist.

Risk pricing is wildly inconsistent. Premiums swing year to year. Many cyber losses remain uninsured. A wide coverage gap leaves the economy vulnerable. The market still cannot adequately model risks to sustain growth.

“The cyber insurance market cannot mature fast enough to help address the pace and the scale of threats. A backstop is a critical…”

Nick Leiserson
Former Cyber Policy Leader at the Office of the National Cyber Director
Geography Means Nothing in Cyberspace

Traditional insurance depends on diversified risk. A home insurer spreads coverage across different regions. Natural disasters do not strike everywhere at once.

Cyber insurance risk doesn’t work that way. A single attack can target thousands of sites across various industries and locations. Insurers face the real prospect of multiple catastrophic claims at once. This uncertainty drives up costs and drives down availability.

See also  Cyber Insurance 2025: Coverage Gaps Erode Confidence, But Fixes Are Clear
A History of Public Backstops

The U.S. has tackled systemic risk before. Following the 9/11 attacks, Congress established the Terrorism Risk Insurance Program (TRIP). TRIP helped property insurers by providing federal reinsurance against catastrophic losses from terrorism. The program restored market confidence without taxpayer losses. Leiserson argues the time has come for a cyber-focused version of TRIP.

A Playbook for Action

The report urges Congress to act promptly. Cyber threats continue to outpace the market’s ability to manage them.

A federal cyber reinsurance program would help stabilize premiums. It would lower capital costs, encouraging insurers to write more policies. It could increase market participation by covering systemic cyber risks that no private carrier can manage alone.

Notably, the proposed program would include a mechanism to recoup costs. If activated, the government’s backstop would be funded through premiums or surcharges, not taxpayer bailouts.

Seizing the Moment

Congress is set to reauthorize TRIP until December 31, 2027.  Leiserson sees this as a unique opportunity. Policymakers can now extend this proven model to the cyber domain. Waiting decades for private insurers to catch up is too dangerous.

Without action, U.S. businesses remain exposed. Economic stability, public safety, and national security are all at stake.

Get The Cyber Insurance Upload Delivered
Every Sunday
Subscribe to our newsletter!

Cyber Insurance Today

Current cyber insurance faces barriers on both the supply and demand sides.

Insurers struggle to model risk. They lack enough data on which protections matter most. Without solid models, they must hold more capital. This limits the number of policies they can issue.

See also  AXA XL Partners with Darkweb IQ to Boost Cybersecurity for Cyber Insurance Clients

On the demand side, many businesses find cyber policies too expensive or too limited in coverage. As a result, many choose to self-insure or forego coverage.

Market Cycles but No Progress

Past market cycles brought brief improvements. Following a surge in ransomware claims, underwriting standards tightened. But prices rose too. The market cooled in 2023, with premiums declining for the first time.

More data is coming. Better models will emerge. But without federal intervention, it could take decades to build a mature cyber insurance market.

The Stakes for Small Businesses

For small and medium-sized businesses, the stakes are dire. Many report that a single cyberattack could destroy them. Without affordable and reliable insurance, these companies face growing risks on their own.

What’s Next?

Leiserson’s message is clear. Congress must act. A federal reinsurance program can stabilize the market now. The risks are real. The need is urgent.

The model already exists. TRIP proved that a government backstop can empower private markets without costing taxpayers. Extending this approach to cyber insurance could transform the sector and strengthen national resilience.

APCIA to Feds: Not So Fast with a “Cyber TRIP” (Opens in a new browser tab)

Cyber Insurance Market Stabilizing, Reports Wall Street Journal (Opens in a new browser tab)

Institutional Investor Bets on Cyber Re (Opens in a new browser tab)

Martin Hinton

Martin Hinton is the Executive Editor and Publisher of Cyber Insurance News and Information. With over three decades of journalism experience across six continents, his work encompasses investigative reporting, documentaries, and coverage of cultural, political, and business news. To learn more about his career, click on his name to visit his LinkedIn page.

See also  Beyond Social Media's Risks: Identity Theft Targets Kids Online
×