As ransomware attacks surge, the cost of cyber liability insurance premiums is increasing steadily. In fact, the average premium for cyber insurance increased a stunning 34.3% in the fourth quarter of 2021 (Source). Not only has the price of coverage increased, but the cyber insurance business model is rapidly evolving as well.

Despite rising premiums, the need for cyber liability insurance is surging for organizations of all sizes. As a result, cyber liability insurance companies are increasingly requiring more strict security measures such as network protection or email protection from phishing as a condition of ransomware coverage. If you don’t follow these and other conditions to the letter, your insurance company might deny coverage.

Ransomware’s Effect on the Cost of Cyber Liability Insurance

In the past, a majority of insurers covered ransomware under traditional property and casualty policies. As ransomware has evolved, insurers have had to adjust their strategy. According to Help Net Security, “Beginning in 2020, several prominent cyber insurers reported massive direct loss ratios for standalone cyber insurance policies and began sub-limiting cyber extortion and ransomware policies and/or applying co-insurance provisions, forcing the insured to share more of the risk” (Source).  In short, the insurance industry is struggling to develop cyber liability insurance offerings that can combat the increase in ransomware. With the rapid evolution of ransomware, history is proving to be a poor indicator of what’s to come.

The Role of Insurance in Paying Ransoms

In recent years, nearly all cyber liability policies covered ransomware including ransom amounts, digital forensics and incident response costs to respond to the ransomware event, as well as costs to restore and recover lost assets. This has become prohibitively expensive.  In the event of a ransomware attack, paying the ransom is often seen as a last resort for both the insurance company and the client. If the organization has prepared properly with ransomware preventing backups and other measures, assets can be restored without paying the ransom, with the insurance policy covering the other costs and lost income exactly as intended.

That being said, there are some occasions where assets cannot be restored (there’s no backup and no recourse). In these situations, the only option is to pay the ransom or face the consequences. This is an unenviable position to be in, especially for organizations that don’t have insurance. For those organizations that do, there is coverage if the policyholder elects to pay. Since it’s impossible to be 100% secure all of the time,insurance can be a last resort backstop if a ransomware attack does occur

What’s Next?

It’s clear that ransomware criminals have become increasingly efficient and ruthless professionals. According to an Empist Report, ransomware has increased by 239% since 2018 (Source). As a result, insurance companies are wondering how they can provide cyber insurance while remaining in good financial standing. It’s likely that the cost of cyber insurance that covers ransomware attacks will become more expensive and require stricter controls. Organizations seeking protection will be required to demonstrate very strong security systems, practices, and policies as a precondition for getting insurance. To assist you, we’ve compiled a quick visual punch list to review with some of the most important factors affecting cyber liability insurance premiums.


  • Multi-Factor Authentication
  • Email authentication
  • Disable open RDP port(s)
  • Discontinue unsupported software (OS & Applications)
  • Define admin privileges & use separate ID’s
  • Designated CIO function
  • Penetration testing
  • Network assessment including Vulnerability Scanning
  • Employee Awareness Testing & Training
  • Policies and procedures
  • Number of records at risk

Final Thoughts

A secured future depends on a successful pivot to a new strategy. A robust cyber security posture against ransomware is achievable, but only when organizations recognize the need to proactively adapt and evolve their cyber security strategies, not simply react to attacks with outdated solutions after the damage is done.

Kyber Security | CT Cybersecurity Experts

Don’t get caught off guard. See your organization from an attacker’s perspective. Kyber Security can conduct a comprehensive cyber insurance and controls preparedness assessment to evaluate vulnerabilities.

Here’s What You Can Expect From an Assessment:

  • Understand your organization’s gaps with core controls associated with cyber liability insurance premiums
  • Obtain immediately actionable information for how you can better secure your organization
  • Learn how you can improve the overall cybersecurity posture of your organization