A recent report from insurance brokerage group Lockton showed that cyber insurance premiums have fallen despite rising cyber incidents and rising claims, marking a “rare divergence between underlying risk and insurance pricing.”
According to the National Cyber Security Center (NCSC), organizations experienced a 129% increase in “nationally significant” cybersecurity incidents in the 12 months to August.
Nonetheless, the cyber insurance market continues to provide favorable conditions for customers, with premiums on Lockton’s portfolio falling by an average of 11% through 2025 and insurers increasingly willing to take on new risks.
“This combination of broader coverage and continued price competitiveness comes despite the fact that 2025 has seen some of the worst cyber incidents in recent history, with several major ransomware attacks severely impacting the company’s bottom line,” Lockton explained.
Adding: “This is arguably the first time a cyber incident has had a direct, material impact on UK consumers, helping to raise public awareness of cyber security to unprecedented levels.”
The interest rate cut will be more pronounced in the first half of 2025, and the rate of decline will be more gradual in the second half of 2025. Lockton expects this downward trend to continue and reduce further in the first half of 2026.
Aggressive growth targets continue to fuel demand, with new MGAs, new syndicates and insurance companies deploying more net capacity.
Insurers continue to differentiate themselves with a wider range of more tailored underwriting solutions. Noteworthy recent coverage improvements include: Any One Claims coverage, customer business interruption and restoration.
Lockton’s portfolio claims notifications increased by approximately 20% in 2025, with the majority being data breaches. Once litigation is concluded and liability is established, most of these can be extremely serious.
It’s worth noting that although ransomware attacks accounted for only 16% of notifications, they accounted for approximately 75% of total claims paid out by insurance companies.
Although ransomware is less frequent, its impact is growing, the report said. Experienced actors like Scattered Spider have extended recovery times from weeks to months.
Additionally, attackers continue to favor unpatched vulnerabilities and phishing (targeting employees and managed service providers (MSPs)) over penetration techniques.
Major insurance companies in the market stated that claims volume for the 2023 and 2024 underwriting years are still developing, and the trend is significantly higher than expected.
There is growing concern across the market that these years may ultimately prove unprofitable as claims continue to mount.
Carlo Ramadoro, head of cyber and technology at Lockton, said: “Cyber insurance continues to gain traction with buyers in 2025 and 2026, unlike at the turn of the century when prices rose dramatically and rates doubled overnight.
“Choice and competition mean premiums remain historically competitive, even as incidents increase, coverage diversifies, and large cyber incidents become more frequent and severe.”
“But this stability may not last,” he warned. “Historic claims, particularly in the United States, could pose a challenge to the market as losses accumulate in the first few years of 2023 and 2024. This could put pressure on insurers’ profitability and increase the risk of another volatile pricing period in 2027. However, any correction is unlikely to be as severe as in 2020.”
“Now is still a good time to buy cyber insurance. First-time buyers should be able to negotiate strong terms and conditions, while for existing buyers, now is a smart time to review and stress-test liability limits.”
