In the US, the Department of Homeland Security, the FBI, CISA and other federal groups are working to swiftly enact legislation and enforcement around cyber extortion. They aim to protect organizations and to enforce sanctions against criminal groups.

Last year, ransom demands jumped by 47% between Q1 and Q2, for one group of organizations. As the year wore on, that trend did not show any signs of slowing down.

Until strong laws and sanctions come into effect and the number of ransomware incidents begins to decline, should your organization seek out ransomware insurance?

Cyber insurance vs. ransomware insurance

While your cyber insurance policy may cover ransomware, not all do, so it pays to check. And if your plan does cover ransomware, you may find that it only covers ransomware under select circumstances, provided that certain criteria are met.

Most ransomware demands top out at five figures. For your organization, that may simply represent a drop in the bucket. It might not be a serious setback. Nonetheless, the attack damage and clean-up costs can run significantly higher than that initial ‘sticker price’.

What to seek in a ransomware policy

  • Coverage for the misuse, solicitation and illegal access to data on your network
  • Coverage for the introduction of malicious software to your network
  • Coverage for unanticipated, illegal restricted access to your network
  • Coverage for phishing and spear phishing that can lead to network compromise
  • Coverage for the use of your network in the transmission of malicious software

And more.

​Be sure to select a reputable policy carrier. You want to work with a trusted organization in the event of a breach. Otherwise, the results could be catastrophic.

Civil penalties for paying

In the event that legal reforms lead to civil penalties for payment of ransomware extortion schemes, would such penalties really deter institutions or insurance groups from paying the ransom?

“In a nutshell, since the ransom is often lower than the cost of recovery, business interruption and lost business – the convergence of which can spell financial death – many victims and insurers simply pay the ransom and risk sanctions,” says Erin Kenneally, former staffer in the US Department of Homeland Security’s cyber division.

​The notion of making it illegal to acquiesce to hackers demands remains highly controversial. “There are still question marks over the true benefits of criminalizing ransomware payments,” says security expert Charl van der Walt.

Mitigating risk

Unless ransomware payments are made illegal, some cyber experts believe that “Insurance has a key role to play in mitigating risk”. Says security expert Matt Lawrence, “Rather than penalizing businesses for attempting to save themselves, a progressive policy that acknowledges the challenge and focuses on supporting organizations to do the right things up front through preparing adequately for compromise, for example, would have a much broader impact on this problem.”

​Additional coverage

For additional coverage, some organizations are opting for traditional kidnap and ransom (K&R) policies. Historically, K&R policies were used to protect executives; not to guard against ransomware attacks. These policies have a variety of benefits and drawbacks. Explore your options carefully you search for ransomware insurance.

Experienced cyber security providers can potentially connect you with insurance brokers. Ask your cyber security sales reps for info. They may be able to point you in the right direction. You want insurance that fits your unique business needs. Consider reaching out. Be proactive and prevention-first focused. Take the next steps today. Protect your future and your finances. Learn more. Take your security to the next level. Get insights from experts.

Don’t let ransomware ruin your reputation. Rethink your tactics and strategy. For further info about risk management and ransomware insurance click here.

Want to know about the exact definition of a ransomware attack? Check out our ransomware definition on our glossary page.  Curious about what a large-scale and recent ransomware attack looked like? A food shortage hit the Netherlands. A supply chain attack and ransomware were to blame. Details here.