Market Reports | July 7, 2026
State of the Global Insurance Market: Q2 2026Datacentres have become critical infrastructure for the digital economy. They support cloud services, AI platforms, financial systems, government, healthcare, logistics, retail, media and almost every online customer experience. That makes datacentres attractive targets for cybercriminals, hostile nation-state actors and opportunistic hackers. It also means that when a datacentre suffers a cyber incident, the effects can move quickly from technical disruption to contractual liability, customer loss, regulatory scrutiny, reputational damage and major financial impact. Costero Brokers helps datacentre operators and their insurance partners (including brokers, MGAs and InsurTechs) build specialist cyber insurance programmes that reflect the real operational, contractual and third-party risks involved.
For datacentres today, cyber risk exposure is increasingly complex. It sits across IT systems, operational technology, customer portals, remote access tools, building management systems, power and cooling infrastructure, managed service providers and the wider software supply chain.
Fast-growing AI workloads also raise the stakes, because higher-density computing can increase dependency on power, cooling, specialist hardware and tightly managed uptime.”
Attackers know that datacentres are high-pressure environments. Downtime is immediately visible. Customers may depend on strict uptime commitments. A loss of access, service degradation, ransomware event, malicious insider incident or compromised management platform can create financial pressure within minutes.
The broader cyber picture remains difficult. The UK Government’s Cyber Security Breaches Survey 2025/2026 found that 43% of businesses identified a cyber breach or attack in the previous 12 months. Phishing remained the most common type, experienced by 38% of businesses overall and by 88% of affected businesses. A major concern for datacentres is how phishing, stolen credentials and supplier compromise can become the first step towards operational interruption. (Source: UK Government)

Most cyber incidents involving datacentres go unreported publicly, but events of recent years have shown how dependent businesses are on resilient digital infrastructure.
In June 2024, a ransomware attack compromised Indonesia’s national datacentre, disrupting immigration checks at airports and prompting a USD $8 million ransom demand. That incident was a stark reminder that datacentre disruption is not only a business risk – it can disrupt vital public services and raise wider questions about national resilience. (Source: Reuters)
In July 2024, a faulty software update from cybersecurity firm CrowdStrike caused a major global IT systems outage, creating disruption across airlines, banks, hospitals, retailers, broadcasters and other organisations. This was not a malicious cyberattack, but it showed how a single technology failure can cascade across organisations and systems worldwide. Insured losses from the event were estimated at up to USD $1.5 billion. For datacentre operators, the lesson is clear – whether a disruption is triggered by malicious code, failed software, compromised access or supplier error, the commercial consequences may still land at your door. (Source: Reuters)
Outage research points in the same direction. Uptime Institute’s Annual Data Center Outages Analysis 2026 says outage prevention remains a central focus for datacentre operators as demand growth, AI-driven workloads and power constraints reshape risk profiles. It also highlights increasing system complexity, grid instability, growing co-dependencies and evolving external threats as risks operators must actively manage. Even where outages are becoming less frequent, the cost and reputational consequences of serious failures remain high. (Source: Uptime Institute)
A cyber incident at a datacentre does not only affect the operator’s own systems. It can affect every customer relying on that environment. That is where the risk becomes more complex than standard business interruption. Your exposure may include:
This is why a standard cyber policy may not be enough. A datacentre is not simply “a business with IT”. It is the environment other businesses depend on to operate.
Strong cyber security remains the first line of defence. Any responsible datacentre operator today will invest in layered protection, including identity controls, network segmentation, privileged access management, endpoint detection, resilient backups, incident response planning, supplier assurance, physical security and operational technology monitoring.
The UK National Cyber Security Centre’s supply chain guidance warns that organisations often depend on complex supplier networks where vulnerabilities can be introduced or exploited at many points. That is particularly relevant for datacentres, where software, hardware, maintenance, energy, telecoms and managed services all form part of the resilience picture. (Source: NCSC)
But no security measure can guarantee total protection. Even the most experienced and best-prepared datacentre operators can be affected by zero-day vulnerabilities, social engineering, cloud dependency, accidental configuration changes, compromised suppliers or geopolitical events. Cyber security should therefore be complemented by appropriate cyber insurance as part of a broader resilience strategy, not as an afterthought.
The right insurance programme depends on the nature of your datacentre, your customers, your contracts and your technology stack. A colocation provider leasing rack space to enterprise clients faces different risks from a hyperscale operator, managed hosting provider, cloud platform, edge datacentre or specialist facility supporting AI workloads.
A tailored programme should consider cover for:
For datacentre operators, wording detail matters. The exact agreed policy definitions of terms such as ‘computer system’, ‘network interruption’, ‘security failure’, ‘system failure’, ‘supplier’, ‘cloud provider’ and ‘dependent business interruption’ can make a major difference when a claim is tested.
Lloyd’s of London is one of the world’s leading marketplaces for complex and specialist insurance. Cyber is now one of the fastest-growing classes at Lloyd’s, with more than one-fifth of global cyber insurance placed there. Lloyd’s and the Association of British Insurers (ABI) have also published guidance on the components of a ‘major cyber event’, reflecting the market’s focus on systemic cyber risk, aggregation and resilient insurance capacity. (Source: Lloyd’s/ABI)
The risk profile for datacentres is both specialist and global. Operators may serve customers across multiple jurisdictions, support regulated industries and depend on layered technology ecosystems. Lloyd’s brings together underwriters with expertise in cyber, technology, professional liability, business interruption, crisis response and multinational placements.
As a trusted Lloyd’s broker with broad cyber expertise, Costero Brokers works with clients to obtain cyber insurance programmes designed around their actual risks, not off-the-shelf assumptions. For datacentre operators and their insurance partners (including brokers, MGAs and InsurTechs), that means understanding the business model, customer contracts, uptime obligations, supplier dependencies, security controls, claims scenarios and growth plans before approaching the market.
We can help you present your risk clearly to Lloyd’s underwriters, negotiate appropriate limits and retentions, challenge exclusions, review policy wording and build a programme that supports both resilience and commercial confidence.
Datacentre cyber risk is evolving quickly. The operators that respond best will be those that combine strong security, tested continuity planning and insurance designed for the realities of their business.
To learn more, discuss your challenges and explore the right protection for your organisation or clients, get in touch with Costero Brokers and speak to our expert, Jonathan Olley, Divisional Director – Cyber, Media & Technology.