Cyber reinsurance market expands amid new capacity and competition – Lockton Re

Rate reductions, systemic risk concerns, and AI-driven threats shape the cyber reinsurance landscape

Cyber reinsurance market expands amid new capacity and competition – Lockton Re

Reinsurance

By Kenneth Araullo

The global cyber reinsurance market remained active in the second half of 2024, influenced by industry developments, market capacity shifts, and high-profile cyber incidents, according to insights from Lockton Re.

The period saw continued profitability for the cyber reinsurance sector, with new entrants adding capacity, competition affecting rates, and increased focus on systemic risks. 

One of the most notable events of the period occurred on July 19, 2024, when an update failure in the CrowdStrike Falcon Sensor security product triggered widespread system outages. While initially perceived as a potential cyber catastrophe, the incident was quickly identified as non-malicious, with most systems restored within hours.

Losses for insurers were lower than early estimates of between US$400 million and US$1.5 billion, as few claims materialized. Quota share reinsurers experienced some activity, while excess of loss reinsurers were largely insulated due to policy structures that limit exposure to non-malicious events. 

The incident sparked ongoing discussions in the market regarding coverage for non-malicious cyberattacks. While coverage structures exist to protect against both malicious and non-malicious threats, most cedants have historically focused on coverage for malicious incidents.

Lockton Re noted that the event prompted a reassessment of exposure management strategies, with reinsurers and cedants conducting scenario analyses to better understand potential financial impacts. 

Cyber reinsurance market trends

The cyber reinsurance market has continued to attract new capacity, with both insurers and reinsurers expanding their presence in the sector. Lockton Re reported that several new entrants began underwriting cyber risk in the latter half of 2024, introducing differentiated offerings such as enhanced portfolio analytics and alternative reinsurance structures.

The increased capacity has contributed to competitive pricing, with rate reductions varying by geography and business segment, ranging from -5% to -20%. 

Despite the continued frequency and severity of cyberattacks, the rating environment for cyber reinsurance has remained mixed. Improved resilience measures among insureds have helped mitigate losses, particularly in high-risk sectors such as healthcare, financial services, and critical infrastructure.

One of the key areas of focus has been the evolving role of artificial intelligence (AI), both as a tool for cybercriminals and as a means of strengthening cyber defenses. 

Following a period of significant rate increases, premium rates in the original cyber insurance market have been declining since the peak of the hard market in 2021. Lockton Re noted that as competition increases, clients are benefiting from broader coverage terms and improved reinsurance economics.

However, the quality of underwriting data has become a growing differentiator in portfolio performance, with increased emphasis on specific coverage grants, sublimits, and digital identifiers to enhance market analytics. 

Systemic risk remains a central concern for the cyber insurance and reinsurance industry. The CrowdStrike outage was the third widespread cyber-related disruption in 2024, following earlier incidents involving Change Healthcare and CDK Global.

While significant insured losses have not yet emerged from these events, Lockton Re emphasized that awareness of systemic cyber exposure is increasing. 

Capital markets are playing a growing role in cyber risk management. In the second half of 2024, the cyber insurance-linked securities (ILS) market saw its largest catastrophe bond and industry loss warranty (ILW) placement to date, securing US$500 million in non-proportional cyber capacity.

Lockton Re observed that alternative risk transfer mechanisms, including cyber ILS and ILWs, are expected to become a more significant component of cyber reinsurance structures in the coming years. 

2025 outlook

Looking ahead, cyber reinsurance market dynamics in 2025 will be shaped by regulatory changes, market capacity shifts, and emerging cyber risks.

Lockton Re pointed to two major legislative developments: the EU AI Act, which introduces cybersecurity and governance requirements for AI systems, and the Digital Operational Resilience Act (DORA), which imposes stricter information and communication technology security standards for financial institutions. 

Market participants are also evaluating new reinsurance structures to address evolving risks. Lockton Re noted that while quota share capacity remains strong, many established cedants are shifting towards excess of loss coverage to better manage risk aggregation.

Some newer entrants have focused on supporting aggregate stop-loss treaties, increasing competition in that space. 

Parametric solutions are also being explored as an alternative approach to cyber risk transfer. Some insurers have introduced coverage linked to specific triggers, such as cloud service outages. However, challenges remain in defining event parameters and establishing verifiable claims mechanisms. 

Lockton Re expects continued growth in cyber reinsurance, with further expansion into emerging markets where digital infrastructure is evolving. The increased use of technology in underwriting and risk modeling is likely to improve market resilience and enhance insurers’ ability to manage systemic risk.

While headwinds persist, the sector remains positioned for further development as it adapts to the changing cyber threat landscape.

What are your thoughts on this story? Please feel free to share your comments below.

Keep up with the latest news and events

Join our mailing list, it’s free!