Sign In

Communications of the ACM

ACM News

Cyber Insurance Isn't Helping with Cybersecurity


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A basic representation of cyber insurance.

It isn't illegal to pay cyber criminals a ransom, but law enforcement agencies warn that doing so will give the gangs funds to launch more attacks.

Credit: Adobe Stock

Ransomware is one of the biggest cybersecurity issues facing organisations today but as claims mount and cyber insurers look at the coverage they are offering, changes may be coming.

Cyber insurance is designed to protect organisations against the fallout of cyber attacks, including covering the financial costs of dealing with incidents. But some critics argue that insurance encourages ransomware victims to simply pay the ransom demand which will then be covered by the insurers, rather than have adequate security to deter hackers in the first place. Insurers argue that it's the customer that makes any decision to pay the ransom, not the insurer. 

It isn't illegal to pay cyber criminals a ransom demand but law enforcement agencies warn that doing so will give the gangs funds to launch more attacks.

According to a research paper examining cyber insurance and the cybersecurity challenge by defence think tank Royal United Services Institute (RUSI), this practice isn't just encouraging cyber criminals, it's also not sustainable for the cyber insurance industry, which warns ransomware has become an existential threat for some insurers.

From ZDNet
View Full Article

 


 

No entries found