Cyber risks are escalating across the globe, but Korea's insurance market — meant to cushion businesses from potential fallout from hacks — is barely keeping pace with global peers, according to industry officials, Tuesday.

The nation's cyber insurance sector accounts for just about 0.02 percent of global premiums, a negligible share for one of the world’s most digitally advanced economies.

The gap is becoming harder to ignore, as a string of high-profile breaches have rattled major industries from telecom and finance to e-commerce. Companies such as SK Telecom, Coupang, YES24 and Lotte Card have all made headlines for being hacked in recent months.

The scale of the threat is growing quickly. Korea experienced 2,383 cyber incidents in 2025 alone — nearly double the level from just two years earlier — with server hacking accounting for the largest share, according to the Korea Internet & Security Agency.

Despite the surge in attacks, the country’s cyber insurance market remains underdeveloped relative to the size of its economy and Korea's overall insurance market.

A 2024 report by Gallagher Re put Korea’s cyber insurance premiums at around $3 million, just 0.02 percent of the global total of $15.3 billion.

The gap is even more pronounced in regional comparisons, with Korea’s cyber insurance market trailing far behind economies with much smaller nominal GDPs. Singapore, for instance, recorded about $39 million in cyber insurance premiums and Thailand $5 million.

Son Jae-hee, research director at the Korea Insurance Research Institute, points to two core challenges: limited awareness of cyber risk among corporate decision-makers and the fast-evolving nature of cyber threats, which makes risk assessment and pricing difficult for insurers.

“Many firms struggle to assess their own risk exposure, so they tend to avoid the cost or handle incidents internally to manage reputational fallout. Once a breach becomes public, the damage can be significant, which also discourages the use of insurance,” Son said. “ In terms of budget priorities, spending on security subscriptions, equipment or consulting usually comes before insurance.”

On the supply side, insurers face their own constraints. Cyber risks are often simultaneous and interconnected, leading to cumulative losses that can spread across systems and third-party networks. Combined with the rapid evolution of threats and uncertainty in claims assessment, this makes losses difficult to predict and price.

Source: Korea Times News