Hackers are constantly probing for “the one flaw overlooked” in Houston’s computer networks, the official responsible for safeguarding the fourth-largest U.S. city’s system said.

“Compromise is inevitable,” said Christopher Mitchell, chief information security official, at a Houston City Council hearing last month. His presentation helped persuade local lawmakers they needed a $30 million cybersecurity insurance plan with a $471,400 premium, an example of a burgeoning trend across the country. Policies vary, but insurance can cover hackers’ extortion demands, legal liabilities, computer-forensics expertise and costs for problems like having government services knocked off line.

A majority of the 25 most-populous U.S. cities now have cyber insurance or are looking into buying it, according to a Wall Street Journal survey. A ransomware attack on Atlanta earlier this year—one of the biggest reported breaches of a city’s network—served as a warning to officials everywhere of the constant barrage from hackers. Cities and even library systems are being hacked more often than people realize, but many heard about Atlanta.

“It got a lot of people nervous and got a lot of people coming to the market and saying, ‘Hey, I’m really interested in buying this,’ ” said Brad Gow, global cyber product leader at insurer Sompo International Holdings Ltd.

Cities including Boston, Nashville, Tenn., Washington, D.C., and San Jose, Calif., are actively researching cyber insurance. Dallas, San Diego, Denver and Detroit are among those that already have cyberpolicies; none have filed claims.