LETTER TO THE EDITOR: Let’s tackle this problem together

The voices calling for regulation to prevent the reimbursement of ransom payments are becoming increasingly loud, whilst at the same time pointing an accusing finger at cyber insurers for funding cyber criminals, as paying ransoms is the “lowest cost option”.

While I don’t claim to speak on behalf of the entire cyber insurance market, I am fairly certain that no cyber insurer shares this view given the almost US$1 trillion in policy limits exposed.

To assert that a policy bought by just 15% of businesses globally is responsible for creating and driving a crime that affects the other 85% who don’t buy this type of insurance is fundamentally misguided. It’s analogous to saying that home insurance is fuelling burglaries or motor insurance is fuelling the theft of cars.

I am not aware of there being any evidence to suggest that businesses that purchase cyber insurance are more inclined to pay a ransom demand than those without. My own experience is, in fact, quite the opposite. Armed with insurance, a business that has been attacked can avail itself of the appropriate experts to guide them through the issue and support them through the recovery process.

Cyber insurers’ in-house cyber security and claims teams have handled literally thousands and thousands of incidents over the past 20 years, and that experience means they know what to do and how to do it quickly to help businesses recover as fast as possible.

They’re also no longer simply the digital equivalent of an emergency service when an attack happens; these teams are fast becoming the first line of defence for their clients, helping to protect them from this increasingly serious source of crime. Scanning clients for weaknesses as part of the underwriting process is commonplace in the cyber market these days, with the intent of determining the security maturity of a business. However, many cyber insurers are increasingly leveraging the expertise of their in-house security team to proactively work with clients on remediating those vulnerabilities to avert the most dangerous attacks.

Without insurance and in the absence of all this support, many companies have no-one to turn to and no other options, so may assume they have no other option but to pay.

In my opinion, rather than fuelling ransomware, cyber insurance is playing a critical role in tackling it. There is already significant interaction between the industry and global law enforcement, with threat intelligence and data being gathered and shared. By following carefully structured paths and involving the right professionals, insurers can ensure that payments are only made when absolutely necessary and that law enforcement are kept informed so they can use the intelligence gathered to track and ultimately catch the perpetrators.

There is no doubt that ransomware poses a serious threat to global business and the economic damage caused is often many multiples of the billions the criminals are stealing, making it the worst form of financial crime. Equally, there are many reasons why it continues to develop – the lack of regulation of cryptocurrency exchanges, the demonisation of the victims by mainstream media, even privacy regulations themselves. There needs to be broad and informed consultation between the industry, governments, law enforcement and security companies to reach a solution on how best we can tackle this crime together rather than pointing fingers at one another.
