Combat Ransomware: Can cyber insurance protect your organization? | HCLTech

Combatting ransomware: Can cyber insurance protect your organization?

In the face of escalating cyber threats, cyber insurance has emerged as a critical tool for businesses to recover from data breaches, but is it enough to save your organization?
3 minutes read
Devkant Sharma


Devkant Sharma
Group Manager, Cybersecurity Services
3 minutes read

In the face of escalating cyber threats, cyber insurance has emerged as a critical tool for businesses to recover from data breaches. It covers many costs, including lost revenue, business disruption, equipment damage, public relations expenses, legal fees, forensic analysis and legally mandated notification expenses. However, the increasing frequency of cyberattacks has led to a surge in cyber insurance premiums, and businesses can expect these premiums to continue to rise.

The rising threat of ransomware

In 2019, approximately 20% of businesses experienced repeated ransomware attacks. This figure rose to around 30% during the global pandemic. Even post-pandemic, the threat persists, with 38% of organizations surveyed in 2022 reporting two or more successful ransomware attacks. These attacks typically involve threat actors gaining control over systems, encrypting data or exfiltrating information to demand a ransom.

Interestingly, 77% of organizations with cyber insurance reported experiencing at least one cyberattack, compared to 65% without insurance. Among insured enterprises, 39% chose to pay the ransom. The data suggests that businesses with cyber insurance may be more vulnerable to cyberattacks than those without. This could be due to the perception that organizations able to afford high insurance premiums will also have the means to pay more considerable ransom demands.

Understanding your cyber insurance coverage

However, it's important to note that ransomware is not always covered under a company's broader cyber insurance policy. Businesses looking to manage their cyber liability should consult with their insurance broker or company to ensure their policies include ransomware coverage. Cyber insurance can provide coverage in several key areas:

Data loss

Businesses are increasingly concerned about exposing personally identifiable information (PII) or protected health information (PHI), regardless of where it is stored. Cyber insurance can cover breach notifications, remediation and defense expenses for regulatory investigations. It's crucial for organizations to understand where their private or confidential information is stored and to implement robust data collection and storage policies.

Device loss

While preventing theft or loss is challenging, organizations can limit the data on each device. Strong password policies, regular password changes and avoiding storing private or confidential data on laptops can help mitigate risks. A cyber policy can cover network and information security liability in a breach, protecting organizations against unauthorized data access.

Notification requirements

Legal obligations requiring breach notifications to customers can be costly, averaging nearly $2 million. Cyber insurers can refer affected organizations to law firms to handle breach notifications and provide counsel, with costs reimbursed subject to the applicable retention.


Engaging computer forensics teams to assess the extent of a breach and determine potential compromise of customer data is crucial. Cyber insurance can cover the expenses of computer forensic experts, potential business losses and extra expenses incurred during the restoration of business operations.

Building cyber resilience


Companies must thoroughly understand their coverage and conditions and carefully review a cyber policy before acceptance.


In today's digital landscape, cyber resilience is essential for businesses to protect themselves against data loss, reputational damage and legal penalties. However, not all cyber insurance policies cover ransomware incidents. Therefore, companies must thoroughly understand their coverage and conditions and carefully review a cyber policy before acceptance.

Moreover, businesses should prioritize building a robust infrastructure to protect their valuable data. This includes maintaining regular data backups, implementing a solid ransomware protection solution, keeping systems and applications updated and educating employees on best security practices. The fight against ransomware is not a solitary battle but a collective effort. It involves not just investing in cyber insurance but also inculcating best practices such as:

  1. Regular data backups
  2. Implementation of a robust ransomware protection solution
  3. Keeping operating systems, security software, programs and applications up-to-date
  4. Educating employees on best security practices to avoid ransomware attacks, such as refraining from clicking on links or opening email attachments from untrustworthy sources
  5. Exercising caution while browsing the internet and being wary of malicious websites and pop-up ads
  6. Avoiding the use of public Wi-Fi networks for internet surfing and instead using a virtual private network (VPN) to safeguard critical data from exposure
  7. Refraining from using USB drives from unfamiliar sources

While cyber insurance can provide a safety net, it is not a panacea for all cyber threats. It should be viewed as a component of a comprehensive , not a replacement for one. Organizations must remain vigilant, implementing robust security measures and fostering a culture of cybersecurity awareness. Only then can they genuinely safeguard their critical data and operations against the ever-evolving landscape of cyber threats.

The way forward

While it may be challenging for smaller organizations with limited portfolios to purchase cyber insurance, large enterprises with a significant customer base and vast volumes of sensitive financial information or PII must consider this investment for robust cyber resilience.

Ultimately, the goal is to build a genuinely robust cyber resilience strategy that includes cyber insurance and a comprehensive approach to cybersecurity. This will ensure that your organization is well-equipped to combat ransomware and other cyber threats, protecting your valuable data and maintaining the trust of your customers.

Share On