Virtual Event Today: Supply Chain Security Summit - Register Now

Security Experts:

Connect with us

Hi, what are you looking for?


Cyber Insurance

Cyber Insurance Market to Top $14 Billion by 2022: Report

The global cyber insurance market is expected to generate $14 billion by 2022, according to a new report published by Allied Market Research (AMR). That figure represents an impressive compound annual growth rate (CAGR) of nearly 28% from 2016 to 2022.

The global cyber insurance market is expected to generate $14 billion by 2022, according to a new report published by Allied Market Research (AMR). That figure represents an impressive compound annual growth rate (CAGR) of nearly 28% from 2016 to 2022.

North America constituted the largest cyber insurance market share in 2015, which is expected to dominate the market during the forecast period.

“Increase in awareness about cyber risks from boardroom to data centers owing to the rising number of cyber-attacks in the past 2-3 years is the prime factor that drives the market,” the report explains. “However, complex and changing nature of cyber risks limits cyber insurance market growth. Low market penetration of cyber insurance policies in developing countries offers promising business opportunity for market players.”

In terms of verticals, healthcare organizations currently generate roughly one-third of the total premiums, the report said, noting that in the United States approximately 78% of hospitals do have a cyber insurance policy.

In terms of orgaziational size, large companies generated approximately 70% of the overall cyber insurance market revenue in 2015, with North America dominating the industry with around 87% of the overall cyber insurance market last year.

“Mandatory legislation regarding cyber security in several U.S. states has led to higher penetration of cyber liability insurance policies,” AMR explained. “The U.S. cyber insurance industry has become mature, and growth of the cyber insurance industry is projected to decrease owing to rising adoption of cyber liability insurance policies. Europe has very less penetration of cyber insurance liability policies as compared to that of the U.S. The European council has recently passed regulations regarding data protection and security, which are projected to be brought into effect in 2018. These regulations would oblige companies to purchase cyber insurance policies. Though Asia-Pacific accounts for negligible percentage share, it is expected to grow at a significant CAGR during the forecast period owing to a significant increase in ransomware attacks.”

By comparison, a report (PDF) from PwC estimate that annual gross written premiums are set to increase from around $2.5 billion in 2015 to $7.5 billion by 2020.

“The cyber insurance market will Cyber insurance is a potentially huge, but still largely untapped, opportunity for insurers and reinsurers,” PwC said. 

“Many insurers face considerable cyber exposures within their technology, errors & omissions, general liability and other existing business lines,” PwC cautioned. “The immediate priority is to evaluate and manage these ‘buried’ exposures.”

“Cybercrime is still a serious threat and no longer is considered as a risk covered under traditional network security insurance product,” Yogiata Sharma, Research Analyst, Consumer Goods Research at AMR, said in a statement. “Organizations from all industries need coverage for liability and property exposure which is a result of cyber-attacks. This is an opportunity for insurers and reinsurers to innovate cyber insurance products that manage various degrees of risks and cover cost-associated data breaches, credit monitoring, forensic investigations, reputation management, and business interruption.” 

Key players in the cyber insurance market include American International Group (AIG), Chubb, Zurich Insurance, XL Group Ltd (Ireland), Berkshire Hathaway (U.S.), Allianz Global (Germany), Munich Re Group (Germany), Lloyd’s (U.K.), Lockton (U.S.), and AON PLC (U.K.).

While cyber insurance can help companies cover costs associated with damaging cyber attacks and data loss, it’s important to remember what cannot be covered, such as theft of intellectual property and remediation of a breach, reminds SecurityWeek contributor Joshua Goldfarb.

“It’s easy to cynically view cyber insurance as yet another fad creating noise in the already crowded security market,” Goldfarb writes. “What’s harder is truly understanding all of the necessary components in a sound and strategic risk mitigation strategy. Cyber insurance, like any tool, will not solve all of an organization’s problems. But it can help an organization round out its risk mitigation strategy.

Related: The Hidden Strategic Advantage in Cyber Insurance

Related: Cyber Insurance: Security Tool or Hype? 

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Risk Management

In this virtual summit, SecurityWeek brings together expert defenders to share best practices around reducing attack surfaces in modern computing.

CISO Strategy

The question for 2023 and beyond is whether the cyberinsurance industry can make a profit without destroying its market.

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...