For the first time on record, U.S. cyber insurance premiums fell in 2024, driven by lower prices rather than a drop in demand, according to a new report from credit rating agency AM Best. The 2.3% decline to just under $7.1 billion marks a turning point for a market that has seen years of steep hikes.

• A captive audience: The drop isn't due to a lack of demand, which remains steady, but rather a market correction and a shift in strategy. Some large companies are now ditching traditional insurers to "bet on themselves" by creating their own captive insurance firms, keeping the premium money—and data—off the official books.

• Still in the black: Even with lower premiums, the business remains lucrative. Insurers’ loss ratios stayed below 50%, a sign that underwriters are comfortably profitable. While Chubb remains the top player, Travelers Group jumped into the number two spot, and newer entrants like At-Bay Specialty are cracking the top 10.

While pricing has stabilized, the next major challenge for insurers is third-party risk. As companies rely on a sprawling ecosystem of vendors, the inherited risk from partners is poised to become the next source of complicated claims. The drop in premiums doesn't mean the stakes are lower, as one retailer is eyeing a claim of over $100 million after a major incident. Meanwhile, the move toward self-insurance isn't without its own drama, as companies using captive insurers are facing a complex regulatory and tax fight with the IRS.