Insurance and Ransomware

2021-07-01 16:01

To overcome these challenges and champion the positive effects of cyber insurance, this paper calls for a series of interventions from government and industry.

To date, the UK government has taken a light-touch approach to the cyber insurance industry.

The interventions recommended here are still relatively light, and reflect the fact that cyber insurance is only a potential incentive for managing societal cyber risk.

They include: developing guidance for minimum security standards for underwriting; expanding data collection and data sharing; mandating cyber insurance for government suppliers; and creating a new collaborative approach between insurers and intelligence and law enforcement agencies around ransomware.

Finally, although a well-functioning cyber insurance industry could improve cyber security practices on a societal scale, it is not a silver bullet for the cyber security challenge.

It is important to remember that the primary purpose of cyber insurance is not to improve cyber security, but to transfer residual risk.

News URL

https://www.schneier.com/blog/archives/2021/07/insurance-and-ransomware.html

#insurance #ransomware