The cyber insurance market has expanded to an estimated US$16.6 billion in 2024, with North America accounting for US$10.5 billion, Europe US$3.9 billion, Asia-Pacific (APAC) US$1.7 billion, and the Rest of the World (ROW) US$0.5 billion, according to a new report from Guy Carpenter.
Guy Carpenter said that the study examined regional growth patterns, emerging industry segments, and the evolving nature of cyber risk.
Following significant compound rate increases in 2021 and 2022, the market stabilized in 2023, with rates flattening or decreasing in certain areas. This adjustment has continued into 2024, reflecting a more mature cyber insurance landscape.
Growth in the sector is being driven by under-penetrated industries, expansion in developing regions, and the introduction of new products.
Guy Carpenter’s analysis also considered aggregation risk, using data from vendor model partners. The study indicated a divergence in modeled global aggregation loss estimates, ranging from US$20 billion to US$46 billion for 2024 at a 1-in-200-year return period.
These figures translate to a market loss ratio of between 120% and 277%. Variability in estimates stems from differing interpretations of cyber events and their potential financial impact.
The growth – and rise in risks – also extend to the global cyber reinsurance markets, which Lockton Re described as fairly active going into 2025, influenced by industry developments, market capacity shifts, and high-profile cyber incidents.
The Q2 2024 period in particular saw continued profitability for the cyber reinsurance sector, with new entrants adding capacity, competition affecting rates, and increased focus on systemic risks.
As cyber threats evolve, the industry has seen increased geopolitical tensions influence the tactics used by threat actors. These developments have contributed to a more adversarial cyber landscape, prompting organizations to adopt emerging technologies to mitigate risk.
Guy Carpenter noted that while ransomware remains a primary driver of cyber losses, non-malicious accidental events continue to pose a challenge, with limited modeling capabilities to assess their impact.
The report highlighted ongoing industry efforts to improve systemic risk visibility, particularly regarding how cyber events translate into financial losses. Differences in opinion persist on the extent to which these events result in insurable claims, reinforcing the need for a more comprehensive understanding of intangible cyber risks.
What are your thoughts on this story? Please feel free to share your comments below.
