Poland’s cyber insurance market is entering a turning point, marked by rapid growth and a fundamental change in how insurers operate. The role of the insurer is shifting from a provider of financial protection to a partner responsible for building clients’ digital resilience, according to Sylwia Stańczyk, specialist in strategic client insurance at TUW PZUW.
The market, though still relatively small compared to mature Western counterparts, is expanding at a double-digit pace year on year, reaching several hundred million złoty annually. However, precise data remains elusive as the sector is not reported as a separate line in Polish financial supervision statistics.
Growth drivers and regulatory push
According to Stańczyk, the first phase of development, until around 2018, was marginal and limited to large financial institutions and international corporations. The acceleration came with GDPR implementation, a wave of ransomware attacks, and pandemic-driven digitalization. In the coming years, new regulations such as the NIS2 directive and the DORA regulation will further boost demand, making cyber insurance an integral part of risk management.
– The market is growing dynamically, but what matters is not just the pace but also the structure – said Stańczyk. She added that global comparison from Munich Re shows the global cyber insurance market reached almost $15 billion in 2025, with forecasts of $28 billion by 2030.
From payout to ecosystem of services
Modern cyber insurance policies go far beyond traditional indemnity. They now include immediate incident response support, access to forensic experts, legal assistance, and business continuity planning. – For the client, this is often the key element: the insurer becomes the first line of support from the very moment an incident occurs – explained Stańczyk.
The NotPetya attack in 2017 served as a watershed moment, triggering disputes over war exclusions and leading to high-profile settlements, such as Merck and Mondelez cases. These events shaped underwriting practices and raised awareness among Polish firms.
In Poland, clients focus primarily on policies covering ransomware losses and business interruption. Data breach support, covering legal costs and reputation management, is also increasingly important.
Stańczyk identified key future trends: regulatory evolution, integration of insurance with cybersecurity services, systemic risk challenges, and the growing role of artificial intelligence in both threats and detection. – The market stands at a crossroads. The shift from passive coverage to active resilience-building is the most significant change – she concluded.
Źródło: wnp.pl, Fot. Alex Malt/Shutterstock, Glenn Carstens-Peters/Unsplash
