Cyber Insurance is Supporting the Fight Against Ransomware

As the cyber insurance market continues to grow, it’s only natural to discuss its role in the battle against ransomware, which has been a prevalent topic in recent months, and other cyber-attacks.

Most discussions highlight its value as a risk mitigation tool and its ability to respond to fast-evolving cyber threats, including ransomware.

But some opposing viewpoints have emerged in the media in regard to ransomware, including a recent critique arguing that cyber insurance has served as an incentive for cyber extortion attacks.

This argument does not hold up. The truth is that ransomware attacks against businesses occur for one reason only: criminals are succeeding.

Far from being part of the problem, cyber insurance can be a valuable tool in the fight against ransomware and other cyber threats. Fulfilling its traditional role, cyber insurance pools insureds that are similarly at risk and spreads their potential losses.

And those who have criticised it have gotten some important facts wrong:

  • Ransomware victims are rarely “targeted.” More often, attackers target a specific but widespread vulnerability that will distribute ransomware to the maximum number of potential victims.
  • Insurance hardly creates an incentive for extortionists. Ransomware demands usually top out at five figures and for many businesses, that cost is a nuisance.
  • Although no one wants to support cyber criminals, organisations are forced to weigh the option of paying ransomware demands against the risk of operational disruptions that could last weeks or months and cost far more, as well as impact on customers, reputation, and business continuity.
  • Insurers do not make decisions about whether to pay extortionists — the insurance buyer always makes the final call. If an insured declines to pay, the insurer supports it, paying network recovery costs and reimbursing it for income lost as a result of the attack.

Beyond its specific purpose in thwarting ransomware attacks, cyber insurance is valuable for other reasons. The insurance underwriting process raises awareness of cyber threats, identifies how companies should be responding, and educates insureds.

After an attack, cyber insurance serves as a mechanism for convening the right team of experts, including legal counsel and computer forensic analysts, to assess the incident and recommend a response in a timely fashion.

So what do the critics get right? Cyber insurance pays claims. For more than a decade, cyber insurance policies have reliably paid claims for ransomware, network interruptions, data breaches, and related liability. Leading insurers handle thousands of claims a year, and US carriers paid cyber claims totaling an estimated $394 million in 2018.

Cyber insurance is a valuable component in a larger risk management strategy, which includes technology as well as training, education, and testing. To combat ransomware, companies still need to teach employees how to recognise threats, patch regularly, limit user privileges, and establish sufficient cyber hygiene to avoid being an easy target.

Companies are fighting hackers on an unbalanced playing field, where defense is much harder than offense, and cyber insurance has proven to be a valuable partner in that fight.

LCPA No. 19/159

Marsh Pty Ltd (ABN 86 004 651 512, AFSL 238983) (“Marsh”) arrange this insurance and is not the insurer. The Discretionary Trust Arrangement is issued by the Trustee, JLT Group Services Pty Ltd (ABN 26 004 485 214, AFSL 417964) (“JGS”). JGS is part of the Marsh group of companies. Any advice in relation to the Discretionary Trust Arrangement is provided by JLT Risk Solutions Pty Ltd (ABN 69 009 098 864, AFSL 226827) which is a related entity of Marsh. The cover provided by the Discretionary Trust Arrangement is subject to the Trustee’s discretion and/or the relevant policy terms, conditions and exclusions. This website contains general information, does not take into account your individual objectives, financial situation or needs and may not suit your personal circumstances. For full details of the terms, conditions and limitations of the covers and before making any decision about whether to acquire a product, refer to the specific policy wordings and/or Product Disclosure Statements available from JLT Risk Solutions on request. Full information can be found in the JLT Risk Solutions Financial Services Guide.”