The cyber insurance market is controlled by the U.S. with some of the European countries contributing to the total premiums in 2017. The North American region has always been the most forward to adopt new technologies and a hub for technological innovation. With new technologies come new threats and thus, US has the greatest number of data breaches recorded in the year 2017. So, the demand for cyber insurance has always been high in the U.S. with European countries starting to mushroom along with some Asian countries. Government regulations, being one of the major driver of the cyber insurance market have started to show up for different countries. For instance, Singapore, Malaysia, Vietnam, and China have either introduced or updated their first layer of Cyber security, data privacy laws, security, and control of data. For instance, China introduced a sequence of legislative reforms in recent years that seek to ensure stronger data protection. The Australian government passed a privacy amendment bill in February 2017, which states that Australian organizations will now have to publicly reveal any data breaches, with penalties ranging from $360,000 for responsible individuals to $1.8 million for organizations.

All the companies doing business with clients and prospects in the EU will need to comply with new legislation (GDPR), else they could be fined up to 2 to 4% of their global revenue depending upon the type of activity and subject to monetary caps. The UK had the major share in the cyber insurance market of the Europe region, mainly driven by the growing awareness of proliferating cyber threats across various sectors and the government regulations.

Cybercrime is becoming a bigger risk for businesses in Asia-Pacific as compared to North America and Europe. Rapid growth in connectivity and the accelerating speed of digital transformation makes APAC region, more vulnerable to cyber exploitation. Despite the proliferation of technology and cyber-attacks in this region, there lies significant opportunities for insurers here as APAC’s cyber insurance market share remains negligible.

The first cyber insurance standalone products came out in the India market in 2013, which were mostly driven by the IT sector (Companies such as Infosys, Wipro and TCS) which had to comply with client requirements (largely based out of USA) of taking up the cyber insurance to protect the huge customer data. The market now is slowly shifting towards BFSI sector owing to the compliance requirement by the Reserve Bank of India (RBI). At this point of time, around 30-40 banks in India have taken up the cyber insurance with cover limits ranging from USD 5 million to 150 million. The major companies providing cyber insurance in India are HDFC, ICICI Lombard, Tata AIG and New India Assurance.

Considering South America region, there has been a significant increase in the data breaches affecting businesses in countries such as Brazil and Mexico. In Brazil, the number of cyber-attacks grew by 197% in 2014 and online banking fraud increased by 40%. It has also been testified that nearby USD 3.75 billion has been hacked and stolen since 2012 from a popular payment method used all over Brazil. While cybercrime is a relatively new phenomenon, cyber insurance is rapidly becoming quite sophisticated in the South America with many private companies and government agencies taking concrete steps to combat cybercrime. Furthermore, Middle-East and North Africa spending on the cyber security is anticipated to grow in the coming years, mainly driven by the regulations and increased awareness among the organizations as their needs evolve to address more complex threats.