For a decade, the consumer cybersecurity market was considered a late-cycle vertical. Aging antivirus solutions, poor functional differentiation and a stagnant renewal rate had made it a secondary market segment, far behind the dynamics of B2B and critical infrastructure, but the recent rise in individual threats is upsetting this balance.
By 2024, American consumers have lost $12.5 billion due to online fraud, increasing by 25% compared to the previous year. Above all, 73% users claim to have been targeted by an attempted attack or phishing. The threat is moving towards the individual with the proliferation of identity theft, fake institutional sites created by AI, voice deepfakes, IBAN hijacking or digital wallet fraud. In this environment, the end user becomes the new attack surface and therefore a priority market.
Even today, the Israeli startup Guardio, almost exclusively B2C oriented, has just completed an $80 million round bringing its funding to $120 million, in a segment that was thought to be locked by Norton, McAfee or Avast. In reality, the historical ecosystem has not kept up with the evolution of threats with solutions that have innovated little, while attackers have changed scale, boosted by generative tools.
The emergence of AI further strengthens the dynamic, with automated creation platforms, increasingly capable of generating entire sites, emails or fake banking interfaces, which facilitate the industrial production of fraudulent content. Protecting the user no longer consists of verifying the integrity of a file or blocking a link but rather identifying perfect copies of official services created in a few seconds.
The convergence between identity protection, payment security, secure navigation and behavioral monitoring paves the way for integrated platforms. For investors, B2C cybersecurity is a market reconfigured by AI, driven by massive and still poorly addressed demand.
-
Aura (United States) : consumer integrated protection platform (identity, devices, privacy), raised $140 million in Series G in 2025, valuation around $1.6 billion, strong traction with families.
-
Guardio (Israel) : 100% consumer cyber player, specialized in the detection of fake sites and individual fraud, raised 80 million dollars after three years of growth >100% ARR.
-
Cocoon (UK) : premium protection for high exposure individuals (HVI), combining device security, personal risk audit (OSINT, dark web) and tailor-made cyber advice for families and managers.
-
Lookout (United States) : personal mobile protection (malware, phishing, data leak), strong historical traction on Android.
-
Malwarebytes (United States) : historical mainstream player, repositioning towards multi-device and privacy protection; massive user base.
-
Avira (Germany) : general public protection (antivirus + confidentiality), one of the rare European B2C players with global distribution.
-
Proton VPN (Switzerland) : Privacy-focused consumer VPN, built on Proton’s secure infrastructure, offering advanced encryption, zero logs, and a global network optimized for privacy rather than raw performance.
-
Proton Mail (Switzerland) : end-to-end encrypted email service, designed to protect personal communications, pioneer of the “privacy-first” model, hosted in Switzerland and financed by subscriptions rather than advertising.
