Cyber insurance premiums have fallen despite an increase in cyber incidents and rising claims, marking a “rare divergence between underlying risk and insurance pricing,” according to a recent report from insurance broking group Lockton.
During the 12 months ending August, organisations experienced a 129% increase in ‘nationally significant’ cyber security incidents, according to the National Cyber Security Centre(NCSC).
Despite this, the Cyber insurance market continues to provide favourable conditions for clients, with premiums across the Lockton portfolio dropping by an average of 11% in 2025, and carriers increasingly willing to cover new exposures.
“This combination – of broader coverage alongside continued price competitiveness – comes despite 2025 witnessing some of the most consequential cyber incidents in recent history, with several major ransomware attacks significantly impacting company earnings,” Lockton explains.
Adding: “It was also arguably the first time in which a cyber event had a direct, substantial impact on UK consumers, helping to elevate public awareness of cyber security to an unprecedented level.”
The first half of 2025 saw more pronounced rate reductions, and the decrease was more gradual in the latter half. Lockton expects this downward trend to continue, with further reductions through the first half of 2026.
Aggressive growth targets continue to fuel appetite, with new MGAs, a new syndicate, and insurers deploying more net capacity.
Insurers continue to differentiate themselves with broader and more tailored coverage solutions. Notable recent coverage improvements include: any-one-claim coverage, customer business interruption, and reinstatements.
In 2025, Lockton’s portfolio claim notifications rose approximately 20%, most of them being for data breaches. Most of these are likely to be extremely severe once litigation has concluded and liability is established.
Notably, although ransomware attacks accounted for only 16% of notifications, they represented approximately 75% of total insurer payouts.
According to the report, despite lower frequency, ransomware impact has intensified. Sophisticated actors like Scattered Spider have pushed recovery timelines from weeks to months.
Also, attackers continue to favour unpatched vulnerabilities and phishing – targeting both employees and managed service providers (MSPs) – over infiltration techniques.
Major insurers in the market have indicated that claims from the 2023 and 2024 underwriting years, which are still developing, are trending significantly higher than anticipated.
There is growing concern across the market that these years may ultimately prove unprofitable as claims continue to develop.
Carlo Ramadoro, Head of Cyber and Technology at Lockton, stated: “Cyber insurance continues to favour buyers in 2025 and 2026, unlike at the turn of the decade when sharp price increases saw rates double overnight.
“Choice and competition mean premiums remain historically competitive, even as incidents rise, coverage diversifies, and large cyber events become increasingly frequent and severe.”
He warned, “But this stability may not last. Historic claims, especially in the US, could challenge the market as losses from earlier years in 2023 and 2024 accumulate. This could put pressure on insurer profitability and raise the risk of renewed pricing swings in 2027. However, any correction is unlikely to be as severe as in 2020.
“Now remains an opportune time to purchase Cyber Insurance. First-time buyers should be able to negotiate strong terms and conditions, and for existing buyers, it is a sensible moment to review and stress-test limits of liability.”
