The rapid expansion of data centre infrastructure, driven by surging demand for artificial intelligence and cloud computing, is creating a set of underwriting challenges for the insurance market which has not previously encountered at this scale.

The scale of the challenge

As facilities grow larger, more expensive, and more deeply embedded in the functioning of the global economy, data centres have become a focal point of systemic risk. Forecasts suggest that data centre electricity consumption could more than double by 2030, and with that growth comes an accelerating set of questions that insurers can no longer defer:

How do you price operational continuity risk for assets of this complexity, and how do you manage aggregate exposure when a single failure could cascade across entire industries?

Accumulation risk: The Underwriter's core problem

For insurers, the most pressing concern is accumulation. The concentration of critical digital infrastructure in the hands of a small number of hyperscalers means that a single loss event (whether caused by a natural disaster, a cyber incident, or a prolonged power outage) could trigger claims simultaneously across property, cyber, business interruption, and liability lines. The interconnectedness of cloud services and the dominance of providers such as Amazon Web Services means a single point of failure could generate correlated losses on a scale comparable to a major natural catastrophe.

Many carriers have already begun responding by tightening terms, including applying sub limits, exclusions, or aggregate caps to systemic cyber and cloud exposures. Others have left coverage silent, effectively transferring more of the burden back to policyholders without explicitly acknowledging the gap. Neither approach resolves the underlying problem.

A market shaped by hyperscalers

A further structural difficulty for insurers is that the market has historically been shaped by the behaviour of the largest technology companies. Hyperscalers have tended to retain significant risk on their own balance sheets or manage it through captive insurance vehicles, suppressing demand for conventional market insurance at the top end of the sector. The consequence is that insurers have had limited opportunity to build the underwriting expertise, data, and appetite needed to serve facilities of this scale and complexity.

As a new generation of data centre developers without the financial resources of a major technology company comes to market seeking coverage, insurers are being asked to underwrite risks they have relatively little experience pricing. That gap in institutional knowledge is itself a source of risk for the market.

Business interruption: Rewriting the rulebook

Business interruption cover is where the mismatch between traditional policy structures and modern data centre risk is most acutely felt. Conventional BI policies are anchored in physical damage triggers, yet the most financially damaging events in a data centre context frequently involve no physical damage at all.

A power interruption lasting less than an hour can eliminate months of revenue, given the severe penalty clauses typically embedded in leasing agreements. Failures in water supply, which are essential for cooling systems, present similarly significant exposures.

Developing products that respond to non-physical damage triggers requires insurers to fundamentally rethink their approach to policy design, risk modelling, and pricing. It also requires access to operational data that many insurers do not currently hold.

Silent cyber and the policy clarity problem

The so-called silent cyber problem adds a further layer of complexity. Where cyber incidents cause physical hardware damage, questions arise as to whether the property policy or the cyber policy responds, and the answer is frequently unclear. This ambiguity creates legal and financial uncertainty for both insurers and policyholders and exposes carriers to unexpected aggregations of loss that were never factored into their pricing.

The road ahead

The data centre sector is evolving at a pace the insurance market has yet to match. Closing that gap will require more than minor policy adjustments. It requires a wholesale reassessment of how insurers identify, price, and transfer risk in a world where digital infrastructure is as critical as any physical asset.

Those insurers willing to invest in that reassessment, building the expertise and capacity to serve this market properly, will find themselves well placed in one of the most consequential infrastructure stories of our generation. If you want to discuss the wide-reaching risks of data centres on your business, our coverage disputes and policy interpretation lawyers are happy to help.