Does cyber insurance cover ransomware payment demands?

Image from Unsplash

Enterprise organizations are increasingly concerned about how they will meet ransomware demands — even those with cyber insurance. Only 19% of businesses surveyed have ransomware coverage limits above $600,000, while over half (59%) hoped the government would cover damages when future attacks are linked to other nation-states.

The BlackBerry Cyber Insurance Coverage study, released by BlackBerry and Corvus Insurance, surveyed 450 information technology (IT) and cybersecurity decision-makers about their cyber insurance coverage and ransomware protection levels.

With ransomware demands reaching an average of $1.2 million in 2021, payments may exceed the average cyber insurance coverage limits.

Many businesses reported cybersecurity coverages that are poorly tailored to their current situation. Over one-third (37%) of respondents aren’t currently covered for any ransomware payment demands, while 43% aren’t covered for auxiliary costs such as court fees or employee downtime.

At the same time, cyber insurance has become harder to get, due to increased software requirements placed by insurance brokers. Over one-third (34%) of respondents have been denied coverage due to not meeting specific endpoint detection and response (EDR) software requirements. These increased requirements however may be having a real impact on reducing ransom payouts.

For additional cyber insurance report findings, click here.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.