RUSI proposes cyberinsurance reforms for enhanced ransomware defence


The Royal United Services Institute (RUSI), an established UK think tank, has assessed the nexus between cyberinsurance and ransomware, suggesting a more robust reporting system from victims to the UK government.

This mechanism highlighted above would be institutionalised within insurance policies, the RUSI claims.

While some have argued that cyberinsurance policies might increase ransom demands, RUSI debunks the notion that ransomware operators deliberately target insured organisations.

RUSI positions cyberinsurance providers as neutral players in the ransomware scenario and cites a significant need for a unified response strategy to ransomware.

The think tank identifies cyberinsurance as a tool to enhance cybersecurity standards, tying it with insurance coverage clauses and thereby promoting organisational security measures.

RUSI acknowledges certain challenges, including the industry’s limited knowledge of tools to encourage and the low market penetration of cyberinsurance.

The report emphasises enhanced cooperation between the insurance industry and the UK government, leading to better ransomware prevention and reaction. RUSI offers nine distinct recommendations, focusing on more stringent reporting requirements, fostering industry best practices, incorporating NCSC intelligence, and enforcing specific obligations.

Cowbell VP of risk engineering, Manu Singh said, “The narrative that cyber insurance providers are the catalyst of ransomware is a dangerous simplification of the facts.”

Copyright © 2023 RegTech Analyst

Enjoying the stories?

Subscribe to our daily FinTech newsletter and get the latest industry news & research


The following investor(s) were tagged in this article.