Lockton Re, the reinsurance arm of the privately held independent insurance broker, has released a major report titled Cyber Insurance 2030: Charting a Course for Growth.
Lockton Re’s research identifies three key drivers for the market’s expansion: improving data quality to better understand portfolio risks, continued investment in granular cyber risk models, and evolving product offerings to serve diverse buyers, particularly small and mid-sized enterprises (SMEs), where adoption remains low.
According to Lockton Re, the cyber insurance market is expected to more than double by 2030. Even conservative estimates point to substantial growth, which will have wide-ranging implications for both the cyber re/insurance sector and the broader insurance industry. However, the report stresses that this growth is not automatic; it will depend on deliberate strategic actions by market participants.
Tim Gardner, CEO of Lockton Re, draws parallels between the evolution of the cyber insurance market and the Directors and Officers (D&O) insurance market. While D&O has grown steadily due to regulatory scrutiny and litigation pressures, cyber insurance has expanded rapidly in response to a shifting threat landscape. Lockton Re notes that adoption has been uneven: approximately 80% of large companies now carry cyber coverage, while only 10% of SMEs do so, highlighting a significant opportunity for market development.
Lockton Re emphasises that diversification remains a cornerstone of the market. Cyber risks are largely non-correlated with other major insurance exposures, such as property or casualty losses, which positions cyber insurance as a valuable component of broader portfolios.
The firm highlights that understanding risk correlations within cyber portfolios—from geographic and industry-specific exposures to company size and technology infrastructure—is critical to assessing potential losses and efficiently deploying capital.
Lockton Re’s report stresses the importance of linking market growth to sustainable capital availability. Cyber risk offers a non-correlated asset class attractive to investors, complementing traditional property and casualty exposures. The development of Insurance-Linked Securities (ILS), including cyber catastrophe bonds, is already providing a pathway for non-traditional investors to participate in the market.
The report notes that cyber catastrophe modelling is still evolving. Unlike natural catastrophes, cyber events have limited historical precedents, creating uncertainty for both insurers and investors. Lockton Re advocates continual refinement of models, combining scenario analysis, threat intelligence, and technology dependency mapping to better assess systemic risks.
The report highlights the growing complexity of digital ecosystems and the potential for systemic losses. Modern organisations rely on interconnected cloud platforms, third-party vendors, and critical infrastructure, creating multiple points of vulnerability. Lockton Re underscores that mapping these dependencies and understanding potential cascading effects is essential for accurate risk assessment.
Furthermore, even minor adjustments in cyber modelling—such as representing security measures or calculating business interruption losses—can significantly influence projected outcomes. Lockton Re emphasises that improving data quality at underwriting, including capturing firmographic details and policy specifics, is vital to reduce uncertainty and deploy capital efficiently.
Lockton Re calls for a reimagining of cyber insurance products to support market growth. Options include modular coverage that aligns with a company’s peak exposures, separating first- and third-party losses, and integrating insurance with other cybersecurity solutions. The report notes early experiments with bundling insurance with cloud services or security software, though widespread adoption remains limited.
The firm also highlights the SME sector as a critical growth opportunity. While adoption has historically been low, innovative distribution models, simplified products, and cyber-focused managing general agents (MGAs) are helping bridge the gap. Lockton Re cites examples like Coalition, which focuses on reframing cyber risk for SMEs to make insurance more relevant and accessible.
Oliver Brew, recently appointed to the newly established role of Head of Cyber Centre of Excellence, Lockton Re and Co-author of the Report, commented: “The cyber market is anticipated to more than double by 2030. Even conservative estimates suggest significant continued growth, which will have profound implications for both the cyber re/insurance market itself and the wider industry.
“There is inherent uncertainty in any projection of market growth, so, rather than simply adding numerical estimates to the market projection, we have looked beyond the numbers to examine the conditions necessary to meet such expectations.”
Brian Lewis, Cyber Practice Leader, North America and Co-author, added: “The cyber market can draw lessons from experience in other classes, and with the amplifying impact of dramatically improved computational power, there are many reasons for continued optimism for the long-term robust health of the cyber insurance industry. However, as an industry we need to identify a roadmap of priorities for the cyber re/insurance industry and meeting growth expectations will be challenging without investment in several areas.”
Brew concluded: “The report highlights that we really need a range of perspectives to inform direction of travel for the industry in terms of cyber. One of the inescapable facts of the cyber insurance market is that there have only been a handful of true cyber catastrophe events where single incidents have led to multiple impacted parties. As a result, there are limited data points to understand how a technology incident would affect multiple companies simultaneously.
“Much research has been conducted on this, but, inevitably, there is an element of conjecture about how exactly this could manifest. Our call for investment in data quality, modelling investment and a flexible approach to product offering will really help the cyber market to reach its potential and service clients large and small effectively.”
Lockton Re’s report concludes with cautious optimism. The firm acknowledges current headwinds, including short-term excess supply, legacy systems, and evolving threat landscapes, which make pricing and capital allocation challenging. Yet, the report emphasises that sustained innovation, improved modelling, and strategic deployment of capital can support continued market growth.
Industry leaders quoted in the report, including Mark Greisiger of NetDiligence, note that increasing technical expertise, improved underwriting efficiency, and better client engagement are positive signs for the market’s future.
About the Author
