UK insurers defend ransomware payment coverage

The Association of British Insurers (ABI) has defended including ransomware payments in first-party cyber-insurance policies.

It highlighted that although firms face financial ruin without cover, insurance is not a replacement for taking every step to prevent the spread of ransomware.

Professor Ciaran Martin, former head of the National Cyber Security Centre, said the UK needs to rethink its policies on ransomware in comments first reported by the Guardian.

He said he believed insurers were "funding organised crime" by covering ransomware claims, but the issue of tackling ransomware was far broader than just the insurance sector.

He clarified that while official advice is not to pay the demand, it is not illegal in the UK.

However, he did not think that banning ransomware insurance claims would necessarily solve the problem.

"I have some sympathy with insurers, because as long as it's legal, there are incentives to pay."

He added: "But it's worth a serious piece of consultation because if we continue as we are, things will get worse.”

A spokesman for the ABI said insurers require that "reasonable precautions" are taken to prevent cyber-attacks from succeeding in the first place, just as cars and houses require security measures in place to deter thieves.

They added: "Some might argue that any insurance that covers against a criminal act could lull the policyholder into a false sense of security”.

    Share Story:

Recent Stories


The Rise of Instant Payments
Instant payments are creating new business opportunities for banks by providing more touchpoints than ever. With these evolutions underway, Featurespace brought leading industry experts together to discuss how they are protecting customers from fraudsters in real time, utilizing innovative and disruptive solutions to reduce fraud. Click here to find out more.

Offloading Cyber Risk in the Cloud
As cyber attacks and data breaches are in the news on an increasingly regular basis - with regulatory penalties and customer trust on the line for financial services firms - it has never been more crucial to be compliant in the cloud.

This video, with Akamai’s EMEA director of security technology and strategy Richard Meeus, will help explain what your company can be doing to make sure it’s not embroiled in the next big fine or front-page scandal.