Asia’s SME cyber gap is the biggest growth opportunity: Swiss Re’s Kahrom

A softer market, rising threats and untapped SME demand suggest Asia’s cyber sector is entering its defining phase, says Swiss Re’s Giv Kahrom.

Key points:
Asia poised for cyber growth
Education, not expansion, key
SME protection gap biggest opportunity

Cyber insurance growth might be slowing globally, but Asia-Pacific is still on an upward curve. Swiss Re’s head of cyber for regional markets, Giv Kahrom argues the region’s young, data-rich market and its vast SME protection gap will define the next chapter.

“Asia is still less saturated than the US or Europe, so we expect over-proportional growth here because the fundamentals are strong and capacity is coming in.”

After years of sharp rate increases and a hard market triggered by ransomware attacks between 2020 and 2022, the global market is now settling. Premium growth is globally estimated with a 5% CAGR in 2025, Swiss Re data shows. Yet the story in Asia-Pacific is different. APAC ranks as the third-largest market for cyber premium with a 10% premium share and a premium volume of $1.5bn.

“It’s a young line of business, but a very data-rich one,” Kahrom told SIRC Today. “Asia is still less saturated than the US or Europe, so we expect over-proportional growth here because the fundamentals are strong and capacity is coming in.”

That growth, he cautions, brings both opportunity and responsibility. “We want to keep the market sustainable. Our role as a reinsurer is to give insurers the tools for long-term, efficient underwriting. 

“Sustainability means prudent pricing and product design, not just expansion.”

The untapped SME frontier

The biggest opportunity, and challenge, lies with small and medium-sized enterprises. Swiss Re data shows SME cyber insurance penetration globally remains near 10%, and even lower in Asia. 

“The SME protection gap is both a challenge and an opportunity,” Kahrom explained. “These businesses are far less insured than large corporates. The way to change that is through education, product simplicity and distribution that fits the local market.”

That means designing modular, easy-to-understand covers, supporting insurers on pricing and underwriting and encouraging all market players, including brokers, reinsurers, cybersecurity firms and governments to invest in risk awareness, he noted.

“Everyone has to invest in education and risk awareness. It’s not something reinsurers can fix alone,” he said.

Asia’s diversity makes one-size-fits-all strategies impossible. Mature markets such as Japan and Australia demand advanced analytics and product depth, while India, Indonesia and Vietnam are still at an earlier stage of adoption.

“Those markets need different attention,” said Kahrom. “In mature territories, we focus on deeper client engagement; in maturing ones, it’s about building awareness and capacity. In both, the goal is the same – sustainable growth.”

Swiss Re’s long-standing local presence is its advantage. “Understanding local needs and having proximity to clients is what builds trust.”

Softening, but sustainable

After three consecutive years of falling prices globally, cyber rates in Asia have also softened, driven by more capacity and competition. But Kahrom welcomes the shift.

“Yes, competition has increased and rates have moderated, but what matters is sustainability,” he said. “Capacity is growing, and Asia is attracting new players. 

“That’s good for education and innovation, as long as risk-adequate underwriting holds, this is only possible with local Underwriters and expertise.”

Swiss Re estimates that while overall growth is moderating, Asia’s share of the global cyber market is set to rise steadily over the next decade, supported by regulatory interest, investment in digital infrastructure and rising demand for risk transfer.

Contrary to perception, cyber insurance is not starved of data, Kahrom insists. “It’s one of the most data-rich lines,” he said. “Every account comes with detailed information – sub-limits, deductibles, waiting periods. That granularity gives us insight few other lines can match.”

Swiss Re's Cyber Data Lake project aggregates years of global underwriting and claims data to model systemic exposure. “We’ve been filling that data lake continuously,” Kahrom explained. “It allows us to replicate market-wide patterns and improve accumulation modelling.

“Understanding accumulation and systemic risk is crucial. It’s how we make sure the market stays resilient,” he added.

AI and systemic risk

Kahrom is pragmatic about AI. “Right now, we don’t see GenAI affecting claims data yet,” he said. “But attackers are getting faster and smarter, and defences are improving too. We’re right in the middle of that evolution.”

He believes it’s too early to predict the impact of regulation, but noted that Swiss Re is taking part in discussions of possible public-private frameworks with governments across Asia on systemic risk preparedness and cyber-ILS-type structures. 

“This goes beyond insurance, it’s an economic and societal topic. At some point, it will need coordinated attention,” he said. “We’re in continuous dialogue. It’s early days, but these are important discussions.”

Looking ahead, despite the growing competition, Kahrom sees the long-term picture of cyber in the region. “We’re not here for one or two years. We’re here to build sustainable cyber markets in Asia,” he said. “Cyber remains exciting – and Swiss Re is on the forefront of that journey.”

For more news from SIRC Today, click here.

Did you get value from this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.