Cyber insurance carriers are facing criticism from government officials for their role in reimbursing ransom payments to victim organizations affected by ransomware attacks. The debate surrounding this issue has intensified as ransomware incidents continue to rise, with 2023 hitting record highs and 2024 on track to follow suit.
U.S. Deputy National Security Advisor Anne Neuberger has called out the insurance industry, citing concerns that policies reimbursing ransom payments incentivize cybercriminal activities. In an op-ed for the Financial Times, Neuberger highlighted the need for increased global partnerships and public-private collaboration to combat ransomware effectively.
While Neuberger’s comments have sparked debate within the cyber insurance industry, some industry professionals have pushed back. Kirsten Bay, CEO of Cysurance, pointed out that insurers do not drive enterprises’ decisions to pay ransoms, and many victim organizations choose to pay without involving their insurers. Bay emphasized the importance of transparency and suggested focusing on tracking ransomware attacks and identifying threat actors.
Amidst the ongoing ransomware threat, law enforcement agencies have ramped up their efforts to combat cybercriminal activities. Recent joint actions have resulted in the exposure of ransomware gangs like LockBitSupp, but the threat landscape continues to evolve as new groups emerge.
Rob Jones, global head of claims at Coalition, highlighted the role of insurance in helping companies respond to ransom demands and mitigate the impact of attacks on their operations. Jones emphasized that insurance companies provide valuable support in evaluating cybersecurity hygiene and testing backups to prepare organizations for ransomware incidents.
While the debate over ransom reimbursement policies continues, experts have proposed ways for both the government and private sector to address the escalating ransomware threat. Alla Valente, a senior analyst at Forrester, called for federal cybersecurity regulations to help organizations prevent attacks. Valente stressed the need for insurers to assess risks during the underwriting process and ensure that policyholders have robust cybersecurity measures in place.
Art Gilliland, CEO of identity security vendor Delinea, acknowledged the challenges companies face in defending against cybercriminal gangs supported by adversarial governments. Gilliland suggested focusing on enhancing defenses rather than relying solely on insurers’ reimbursement policies.
Grayson Milbourne, security intelligence director at OpenText Cybersecurity, highlighted concerning trends in the ransomware economy, including the success of initial access brokers. Milbourne emphasized the importance of implementing cybersecurity frameworks like NIST and educating employees to prevent ransomware incidents.
Overall, the debate over ransom reimbursement policies continues as cybersecurity experts advocate for increased transparency, collaboration, and proactive measures to combat the growing threat of ransomware. While the role of insurance in mitigating ransomware risks remains a point of contention, the industry continues to play a significant role in helping organizations navigate and respond to ransomware incidents.