Reading time: 5 minutes

Welcome to the Pride's Friday Five

Every Friday our team rips through 200+ insurance, legal, and risk-management articles into three signals your board may need for its Monday briefing.

Three developments caught our attention this week:

• The AI-fueled data center buildout has pushed construction costs from $300 million to $20 billion per project, and estimates in the broker community are saying it could generate $10 billion in new insurance premium this year alone. Is there even enough capacity?
• Kroll surveyed 325 global PE executives and found that 80% experienced cyber disruption during the hold period, with an average financial hit of $2.1 million per deal. The governance gap between large and small firms is stark, and it's showing up in valuations.
• Seven in 10 legal professionals now use litigation analytics, and the platforms just expanded to 1,200 additional state courts. The plaintiffs' bar can now map your judge's language preferences before they file. We explain why this matters at renewal.

Three events we think deserve a deeper dive…First, If you'd rather listen check out the audio version.

The $3 Trillion Boom Running White Out Through Insurance

Summary

The AI-fueled data center buildout is the largest construction surge in a generation, and it's concentrated in the US.

Construction starts hit $77.7 billion in 2025, up 190% year over year, with another $88 billion in projects slated to break ground in the first half of 2026. Average-sized facilities now cost $500 million to $2 billion. Hyperscaler campuses run north of $20 billion. Morgan Stanley projects nearly $3 trillion in global data center spending by 2029, with over 40% flowing into the US.

But the risk profile is unlike anything carriers have underwritten at this scale.

Lithium-ion batteries integrated directly into server racks present fire hazards that burned for days in South Korea, a preview of exposures heading to US facilities adopting the same technology. Half of all data centers globally reported at least one impactful outage in the past three years. And in August 2025, a Virginia judge blocked the Prince William County Digital Gateway after homeowner litigation, putting community opposition risk on every developer's radar.

(sources: Allianz Commercial, Morgan Stanley, ConstructConnect)

So what?

Every carrier's book touches some piece of this buildout: builder's risk, property, business interruption, environmental liability, or project cargo.

The concentration risk warrants a hard look. Northern Virginia alone hosts over 250 data centers. Dallas-Fort Worth, Chicago, and Phoenix are expanding fast. And because these projects need space, they're pushing into Texas and the Midwest, regions exposed to severe convective storms and wildfire. Dominion Energy, the utility serving Northern Virginia, warned that grid connections for larger facilities could take up to seven years. That bottleneck is pushing operators to generate their own power on-site with gas turbines, battery storage, and small nuclear reactors, each introducing new underwriting complexity.

The US lacks comprehensive federal regulation for data centers, leaving a patchwork of state and local requirements. Wholesale electricity costs near data center hubs have risen as much as 267% over five years. Boards overseeing data center investments should be asking their brokers one question: how are concentration, fire suppression, power redundancy, and community opposition risk being evaluated in your current coverage structure?
​

Kroll Surveyed 325 Private Equity Executives and the Cyber Breaches Are Worse Than Expected.

Summary

Kroll surveyed more than 325 global PE executives to quantify what the industry has long suspected: cybersecurity risk is no longer an IT problem. It's a deal problem.

Eighty percent of PE firms experienced some form of cyber disruption during the hold period over the past year. Forty-four percent were hit with unexpected remediation costs. Twenty-seven percent suffered outright business disruption or downtime. And nearly 70% of respondents said hold-period cyber incidents are increasing year over year, with 22% calling the increase significant.

The financial toll is concrete. Nine out of 10 PE firms reported some financial impact from cybersecurity risk. The average impact to disrupted deals: $2.1 million. Thirteen percent reported losses exceeding $5 million. In the US, average deal impact ran $2.7 million, the highest of any region surveyed.

The pain doesn't stop at the hold period. At exit, 12% of deals were disrupted by cyber incidents. For firms under $1 billion in AUM, that figure jumped to 20%.

(source: Kroll, "Cyber Risk at Scale: Safeguarding Portfolio Value in Private Equity," 2026)

The LION Lens

What happened — Kroll's global survey of 325 PE executives found cybersecurity disruption across every stage of the deal lifecycle, with hold-period incidents increasing year over year for nearly 70% of respondents (source: Kroll).

Why it matters — Cyber risk has migrated from operational nuisance to material transaction risk. It now directly affects deal valuation, exit timing, and LP confidence.

Practical implications — The governance gap between large and small PE firms predicts financial outcomes. Firms without formal cyber baselines are absorbing outsized losses at every stage.

So what?

The data reveals a two-tier PE market when it comes to cyber resilience.

Among firms with more than $25 billion in AUM, 55% govern cybersecurity through formal mandates to portfolio companies. That drops to 12% for firms under $25 billion. Large firms use dedicated platforms to track cyber risk across portfolios at a rate of 58%, compared with 9% for smaller firms. And 82% of all PE firms, regardless of size, have no dedicated cybersecurity leader managing portfolio risk.

The financial consequences track directly with governance maturity. Forty-four percent of firms with under $500 million in AUM reported that cyber risk reduced their valuation or exit price. That compares with just 17% for firms above $25 billion. The measures larger firms have implemented are working. The absence of those measures in smaller firms is measurable in lost returns.

For carriers underwriting D&O, cyber, and professional liability for PE-backed companies, the governance framework is now a leading indicator of loss probability. Asking whether a PE sponsor mandates cyber controls across its portfolio isn't just good underwriting, it's predictive.

The LION POV

Here's how we're advising clients:

Ask the governance question at renewal. Does your PE sponsor enforce a formal cybersecurity baseline across portfolio companies, or handle it case-by-case? The Kroll data shows that answer predicts whether you'll face unexpected remediation costs, valuation reductions, or deal disruption.

Treat cyber due diligence as standard for every transaction. Only 34% of PE firms include cybersecurity assessments as a standard part of deal diligence. For firms above $25 billion, it's 81%. The gap represents both risk and opportunity: carriers that understand a buyer's cyber posture can price more accurately.

Build exit readiness into hold-period planning. Cyber issues uncovered late erode returns at the worst possible moment. PE firms that integrate cyber governance from Day 1 of the hold period protect both operational value and exit timing.

The pattern is consistent across the data: cyber governance is no longer optional infrastructure. It's a direct input to portfolio valuation.

Want to discuss how PE cyber governance affects your institution's coverage? Contact LION Specialty for a confidential review.

The Plaintiffs' Bar Just Got a Data Upgrade

Summary

Seven in 10 legal professionals now say their clients expect them to use litigation analytics, according to a 2025 survey by Lex Machina. The number-one reason driving adoption: successful litigation outcomes.

The platforms have matured well beyond basic case search. Attorneys mine judge-authored opinions to identify preferred language and citation patterns. They study opposing counsel's track records to anticipate strategies. They map jurisdiction-level outcomes to select the most favorable venues. And as of 2026, Lex Machina expanded coverage to 1,200 additional state courts, a significant broadening of the battlefield.

(source: LexisNexis/Lex Machina, February 2026)

So what?

Nuclear verdicts and outsized settlements don't materialize from nowhere. They're increasingly engineered, built on venue selection informed by data, arguments drafted to match judge preferences, and expert witness challenges grounded in prior rulings from the same bench.

The expansion to 1,200 state courts matters because that's where many coverage disputes, bad-faith claims, and D&O actions play out. Plaintiffs' firms that previously lacked granular state-court analytics now have them. Carriers and financial institutions that recognize this shift can adjust through coverage structure, litigation management, and how they select outside counsel. The quiet arms race underneath every significant claim just got louder.

The Bottom Line

Technology is simultaneously creating new insurable risks worth trillions, exposing cyber governance gaps that cost millions per deal, and arming the plaintiffs' bar with precision tools to extract larger judgments. Between the data center buildout reshaping carrier books, PE cyber disruption hitting 80% of firms, and litigation analytics covering 1,200 new state courts, the institutions fastest to adapt will pay the least.

In Case You Missed It!

Friday is for market signals. Wednesday is for structural intelligence, insider to insider.

Every other Wednesday we open the vault on real claim files, coverage failures, and the specific decisions that determined whether a policy paid or didn't. You won't find theory or carrier brochure talking points. Just war stories from 25 years and $250 million in recoveries, translated into lessons you can apply before you need them. Stay tuned for next Wednesday!
​
​Thank you for reading today's edition!

Want to share this edition via text, email or social media? Simply copy-and-paste the link below:

​http://lionspecialty.ck.page/3-trillion-in-data-centers-cyber-breaches-submarining-pe-deals-and-the-plaintiffs-bar-just-got-smarter

And if this briefing was forwarded to you, subscribe directly here.
​
​Stay Covered Out There Y'all,

TASH & FLIP

Co-Founders and Managing Partners

LION Specialty