Africa’s digital transformation is in full swing, driven by the expansion of mobile internet, the growth of digital financial services such as mobile banking, mobile money and e-commerce. The modernization of public administrations is also fostering the digital transformation of the insurance ecosystem.
However, this momentum is accompanied by a surge in cyber risks, exposing financial institutions, businesses and users to new forms of threats.
In this context, cyber insurance is gradually emerging as a strategic segment for African insurers and as a new risk management solution for companies.
Vulnerability of African businesses to cyberattacks
African businesses are becoming increasingly vulnerable to cyberattacks, including ransomware, large-scale data breaches, digital fraud, identity theft and payment system hacking.
In 2024, Kaspersky’s (1) cybersecurity solutions alone detected 131 million cyberattacks, nearly 40% of which targeted Kenya, South Africa and Morocco. The financial losses are substantial.
According to the 2025 “Africa Cyberthreat Assessment Report” published by the International Criminal Police Organization (INTERPOL), these losses are estimated at 3.5 billion USD annually for the African financial sector.
(1) A company specializing in cybersecurity solutions and services.

The multiplication of attacks and the increase in financial losses are prompting economic operators, particularly banks, fintechs, public administrations and large corporations, to adopt protection mechanisms.
Read also | The cyber insurance market
Cyber insurance in Africa
Although still at its infancy compared with Europe and the United States, the African cyber insurance market is beginning to attract the attention of insurers and regulatory authorities.
In this emerging market, Kaspersky estimates that fewer than 10% of African companies currently have cyber coverage. The most common threats are ransomware, phishing and data theft. These attacks mainly affect companies based in Kenya, South Africa, Morocco and Nigeria.
An underdeveloped market with strong potential
Africa remains one of the regions in the world with the lowest insurance penetration rates, often below 3% in several countries.
Against this backdrop of low overall insurance maturity, cyber insurance could represent a new niche market with significant development potential. Other factors are also supporting the expansion of this market, including the increase in cyberattacks, the acceleration of digital transformation and the growth of e-commerce.
Large companies, banks, telecommunications operators and certain fintech companies currently represent the main buyers of cyber insurance coverage. Cyber guarantees are therefore increasingly being incorporated into commercial insurance offerings, particularly in South Africa, Kenya, Nigeria and Egypt.
For instance, Africa Specialty Risks (ASR) launched a cyber insurance policy in late 2025 offering coverage limits of up to 5 million USD.
According to Cognitive Market Research (1), the cyber insurance market is experiencing strong growth in several African countries. In 2024, the Egyptian market was estimated at 29.72 million USD, supported by a compound annual growth rate (CAGR) of 26.6%.
In South Africa, the market reached 44.72 million USD in 2024, with an average annual growth rate of 27.2%, notably driven by increased investment in cybersecurity infrastructure.
The Nigerian market was also estimated at 29.72 million USD in 2024.
(1) Market research and consulting firm.
A potential lever for the insurance market upgrading
Cyber insurance is poised to become a catalyst for the modernization of the African insurance sector.
To this effect, the market will need to rely on improved cyber data sharing, stronger local actuarial capabilities, enhanced expertise among African insurers, and an overall improvement in corporate cybersecurity standards.
Cyber insurance: key players in the African market
The main players operating in the African cyber insurance market can be divided into three broad categories.
The first category includes pan-African insurance groups. These companies are developing cyber solutions as part of their corporate insurance activities. Key players include Sanlam, Old Mutual, Hollard Insurance and AXA Mansard. These groups benefit from a strong regional presence and solid knowledge of local markets.
The second category comprises major international insurers specializing in complex risks. Companies such as AXA XL, AIG, Allianz, Zurich Insurance, Beazley and Chubb hold a significant position in the large corporate and multinational segment in Africa. These groups possess advanced technical expertise as well as substantial financial capacity.
Finally, the market also relies on major international brokers and intermediaries operating across the continent, notably Aon, Marsh and WTW.
Key impediments to the development of cyber insurance in Africa
The African market is still up against several challenges that are slowing the adoption of cyber insurance solutions. Insurance coverage remains limited and is often poorly understood.
Overall, operators active in this segment face a number of key issues, including:
- the lack of reliable data on cyber incidents: insurers struggle to assess actual losses, properly price risks and model digital catastrophe scenarios,
- the high cost of cyber insurance policies: premiums are often considered too expensive for small and medium-sized enterprises (SMEs), even though SMEs account for the majority of Africa’s economic fabric,
- the low level of IT security within African companies. Africa spends between 2.5 billion USD and 3.5 billion USD (1) annually on cybersecurity,
- the shortage of skilled professionals: according to analyses from the ISC Cybersecurity Workforce Study 2023, Africa is facing a shortage estimated at several hundred thousand cybersecurity specialists,
- the lack of awareness: cyber risk is often viewed as secondary by businesses compared with physical risks such as fire, theft or flooding.
(1) Sources: Interpol and the Global Management Consulting Firm Kearney
Read also | The African insurance market
Major Cyberattacks in Africa
| Country | Date | Target | Type of attack | Impact |
| South Africa | July 2021 | Transnet (ports and logistics) | Ransomware | Partial paralysis of the ports of Durban, Cape Town, and Ngqura, causing disruption to African marine trade Estimated economic losses of 2.7 billion USD over twelve months |
| South Africa | September 2021 | Department of Justice | Ransomware | Disruptions to judicial services, with systems offline for several days; delays in administrative and judicial proceedings. |
| Nigeria | 2022-2024 | Banks and fintechs | Cyber fraud | Losses are estimated at several hundred million dollars, according to Nigerian financial authorities; In 2024, Nigerian financial institutions lost 33.7 million USD due to digital fraud |
| Kenya | July 2023 | Public platform: e-Citizen | Distributed Denial of Service (DDoS) cyberattack | Disruption of national administrative services; Temporary unavailability of government platforms; Impact on payments and public services |
| Sudan | 2023-2024 | Telecommunications networks and government infrastructure | Conflict-related cyberattacks | Disruption of communications and compromise of government systems in the context of civil war |
| Ethiopia | 2022 | Public institutions | Malware and espionage campaigns | Attempts at cyber espionage and disruption of public services during periods of internal political tension |
| Zambia | 2025 | Digital fraud network | Massive cyber fraud | A scam estimated at approximately 300 million USD affecting nearly 65 000 people |





