In this report, we quantify the growth of the cyber market, which continues to evolve as a core class of insurance. Our approach consists of a comprehensive assessment of the size of the cyber industry by key regions, which, in turn, informs our view of the global cyber market.
Behind the Firewall: 2024 Global Cyber Industry Insights
As the market continues to expand, capacity providers, carriers, third-party services firms, and other members of the cyber ecosystem are contemplating new opportunities to grow without compromising performance. To support them on this journey, this study provides valuable insights on multiple dimensions of the cyber market.
In our previous report, our assessment looked at the US and non-US market segments. This year, we delve deeper into these segments and investigate the regional differences between North America (NA), Europe, Asia-Pacific (APAC) and the Rest of the World (ROW). This highlights the importance of grasping the geographic nuances of market development in key growth regions, and the underlying sensitivities that fuel their potential for growth.
After very large compound rate increases in 2021 and 2022, the market has stabilized while experiencing modest softening in certain areas. Rates flattened or decreased in 2023, continuing to adjust throughout 2024.
This has culminated in a market that has expanded to an estimated USD 16.6 billion in 2024, with NA making up the majority at USD 10.5 billion, Europe at USD 3.9 billion, APAC at USD 1.7 billion and ROW at USD 0.5 billion. New growth to the industry is being driven by under-penetrated industry segments, developing regions and new products.
Alongside this growth, we are also investigating the aggregation potential these regions present through our vendor model partners. We see that divergence between models is partly driven by differences in interpretation of cyber events and how these can materialize. The modeled global aggregation loss potential for the industry varies from USD 20 billion to USD 46 billion for 2024 at the 1-in-200-year return period (RP), leading to a market loss ratio between 120% and 277%.
This emphasizes the contrasting perspectives among vendors in the face of escalating cyber activity and heightened geopolitical tensions globally, which have shifted the threat actor modus operandi. As a result, the cyber landscape has become more adversarial, causing actors to adopt emerging technology within their campaign operations. Organizations have responded accordingly and begun to deploy the same emerging technologies for defensive purposes against such campaigns.
Evolving tactics, techniques and procedures (TTPs) have impacted the cyber ecosystem for existing risks, as ransomware incidents remain a significant cause of losses worldwide, and vendors have prioritized developing models to detect and evaluate this threat. Besides malicious attacks, the threat of non-malicious accidental events persists, particularly with the dearth of vendor modeling capabilities behind it.
Efforts are being made by the industry to improve visibility of systemic technology systems and what parallels can be drawn from malicious cyber events to discern a view. However, there is a difference in opinions regarding the extent to which these events result in losses. This highlights the importance of enhancing our collective comprehension of intangible cyber risks.
With a more granular lens through which to observe global cyber market dynamics and continued development across vendor model parameterization, Guy Carpenter is able to provide unique insights into the development of the peril as a whole and guide its clients in navigating these regions with confidence.