Jump to winnersJump to methodology

Virtual defenders

Cybercriminals work around the clock, but so do America’s top cyber insurance companies – and their efforts haven’t gone unnoticed.

In a landscape of relentless digital threats, Insurance Business America recognizes the nation’s leading cyber insurance providers. Thousands of brokers from across the country offered candid assessments of insurers’ performance in areas including coverage, adaptability, and claims handling. Only the best of the best were then awarded 5-Star status.
 

“What resonates with brokers is that we’re more than an insurance carrier to their clients; we’re a full-service partner”
Jacob IngerslevTokio Marine HCC – Cyber & Professional Lines Group

Industry expert Michael Lieberman, co-founder and CTO of software firm Kusari, shares his thoughts on what a leading policy looks like in 2025.

“It is something that is future proof at some level, that is evolving with the times as different types of cyberattacks become more sophisticated. What’s also very important is being crystal clear about what is covered and what is not,” he says.

Fellow cyber insider Kelly O’Brien, senior cybersecurity practitioner at Compass IT Compliance, also defines what is market leading.

“It should be broad, adaptive coverage including specific considerations for AI usage both internally and across third-party vendors,” she says. “It also goes beyond basic coverage by including proactive services like threat intelligence, security posture assessments, third-party risk tools, and workforce awareness training.”

Other key differentiators include:

  • clear SLAs
     

  • transparent exclusions
     

  • risk-based pricing
     

  • access to forensics and crisis communications support

Ransomware on the rise

Ransomware has become an even bigger threat for cyber insurers in 2025 as they react to an uptick in attacks. Part of the increase is down to the rise of ransomware-as-a-service (RaaS) and AI-powered variants.

The most common is by a VPN compromise as threat actors scan Secure Sockets Layers (SSL), commonly a web page log-in. From there, they use brute force and try thousands of pass…

 » Read More