Gallagher is expecting the cyber insurance – which has seen accelerated growth since 2021 – to continue to expand in the coming years.
In its
2026 Cyber Insurance Market Outlook, the global insurance brokerage, risk management, and consulting firm wrote that the market size in 2025 was $16 billion to $20 million and that most forecasts are predicting that to jump to $30 billion to $50 billion by 2030.
The report highlighted the “dynamic and rapidly evolving nature of the cyber insurance industry, shaped by emerging threats, technological advancements, regulatory changes, and shifting underwriting practices,” and pointed to the ongoing development of AI and rising supply-chain risks among the drivers.
As part of the market’s dynamic nature, organizations within the insurance and cybersecurity spaces are developing tools and programs to improve how cyber insurance works for enterprises, SMBs, and security services providers, including MSSPs.
For example, in March,
Sophos and
Spektrum Labs announced a partnership where customers can use Sophos’ managed detection and response (MDR) technology to also collect data to show insurers
measurable and verifiable proof of their security controls capabilities.
A Streamlined Process, No Deductible
More recently, security vendor
Huntress and insurance broker
Acrisure launched a joint cyber insurance program to streamline the process for organizations and MSSPs seeking either Cyber or Tech Errors and Omissions (Tech E&O) insurance policies, which cover legal defense costs and damages if a company’s IT or cyber product or service fails to perform as promised. The policies also come with no deductible.
It’s an important step in a cyber insurance industry that has grown steadily over the last decade despite not being mandated by law, according to
Jeremy Young, director of community at Huntress. That said, adoption is uneven, with 60% to 70% of larger enterprises embracing it, but adoption by businesses outside of the 1% of the Fortune 1000 comes in at about 20%.
It’s what Young calls an “inconvenient truth since that’s the same segment that we see targeted most frequently by attackers.”
A 'Flawed and Clunky' Situation
He told MSSP Alert that, despite the adoption trends, the “intersection of cybersecurity and insurance has been flawed and clunky.”
“They’ve largely been disconnected,” Young said. “Attempts to blend the two, while well-intentioned, haven’t scaled. We believe this program is different because it offers real benefits to Huntress users and clear swim lanes for Huntress, Acrisure, our partners, and customers.”
In return for using Huntress’ managed endpoint detection and response (EDR) and identity threat and response (ITDR) tools, they get access to primary coverages that businesses need with no deductible, a simplified application process, and transparent pricing, he said, adding that it brings organizations not only resilience via the security protections but also financial resilience.
Two Options
The new program offers two options, including a cyber liability policy to help fund incident response operations and to provide coverage for third-party lawsuits that follow a cyberattack. It’s suitable for more companies, according to Huntress.
The other is Tech E&O coverage that comes with traditional cyber insurance coverage as well as third-party lawsuits against organizations that allege a failure to deliver adequate tech products and services. This is aimed at those in the tech space, including MSSPs and MSPs, as well as software companies and technology firms.
Designed for MSSPs and MSPs
“This program was specifically designed for both MSPs and MSSPs and their clients who use Huntress EDR+ITDR,” Young said. “MSPs, from an insurance point of view, are technology companies.”
For their businesses, MSSPs and MSPs likely will talk with Acrisure about Tech E&O, while their discussions with clients will probably be more about the cyber liability policy.
“You can’t go to a reputable apartment complex and rent an apartment without showing proof of renters' insurance,” he said. “You can’t get occupancy permits for a building, or drive a car – legally – without being properly insured. We hope this program makes it easier for our partners to make cyber insurance a normal part of their risk management practice with their clients in order for the entire industry to be more resilient to the inevitability of a cyberattack.”