Cyber insurance policies cover the costs of a data breach: legal fees, notifying customers, credit monitoring, and business interruption losses. But getting paid is tricky.

Does it pay the ransom?

Surprisingly, often yes.
Insurers calculated that paying a $1M ransom is cheaper than paying $50M in business interruption costs to rebuild the network from scratch.
However, governments are pushing to ban this, as it fuels the ransomware economy.

1. The "Act of War" Exclusion

Insurers denied the NotPetya claims (Merck lost $1.4 billion), stating it was a "Hostile Act" by the Russian military.
Courts ruled in favor of Merck, but policies are being rewritten to explicitly exclude "State-Sponsored Cyberattacks".
Since most major ransomware groups are state-affiliated, this coverage is shrinking.

2. Requirements to get Insured

In 2020, anyone could get insurance.
In 2025, you must prove you have:
- MFA everywhere.
- Offline Backups.
- EDR (Endpoint Detection and Response).
If you check "Yes" but don't actually have it, the claim is denied for fraud.