Three things cyber insurers need to know about the rise in ransomware

While ransomware is hardly a new threat (fun fact, it’s actually three decades old1), it’s become a modern-day scourge for businesses and government offices of all sizes. For many insurers, growing ransomware claims are forcing changes in underwriting processes and a search for new sources of data on cyber risk exposures.

During the Verisk Velocity session “Held Hostage: The Rise of Ransomware,” panelists highlighted three critical ransomware trends facing insurers today.

Cyber Solutions

1. It’s a growing threat

Ransomware attacks soared in 2019, growing 131 percent.2 By 2021, it’s estimated that there will be a successful ransomware attack every 11 seconds.3 Insurers have generally experienced an uptick in both the frequency and severity of ransomware attacks—in some cases, there’s been a double-digit increase in frequency. Moreover, ransom demands are growing ever larger, with some attackers demanding six or even seven-figure payouts.

One reason ransomware attacks are surging is because they have become commodified on the criminal markets of the “dark web.” Ransomware can be sold as a service to nefarious customers, who can direct malicious coders to launch attacks against a desired target.

2. Underwriters have more work to do

The rise in ransomware attacks is forcing many cyber underwriters to focus more intently on cybersecurity practices at companies seeking insurance. They are working to determine if a company has protocols and processes in place to prevent ransomware attacks, including the use of multi-factor authentication and training staff to recognize social engineering.

Many cyber underwriters are also scrutinizing the security of data backups. Because ransomware attacks often block an organization’s access to critical data, the presence of duplicated backup copies of any critical data can be an important marker for a company’s resilience in the face of a successful ransomware attack.

3. An evolving threat needs new data sources

The shelf life of claims and experience data in cyber insurance can be considerably shorter than it is for other lines of business, due to the dynamic and evolving nature of cyber perils. For underwriters to operate successfully, they need to pair traditional insurance data with more cyber-specific inputs from third parties—data that can help underwriters better understand the security practices of companies, or how well they’re positioned to rebound from an attack. Uniform reporting of cyber claims among insurers will also help the industry better understand longer-term trends.

To learn more about ransomware trends in cyber insurance, please view our Verisk Velocity session. To learn how Verisk’s Cyber Solutions Suite can help improve your cyber underwriting, please visit our web page.

  1. Joseph Cox, “The World’s First Ransomware Came on a Floppy Disk in 1989,” Motherboard, April 12, 2017,
    < >, accessed on October 23, 2020.
  2. Beazley Breach Briefing 2020, Beazley, March 23, 2020, < >, accessed on October 23, 2020.
  3. Steve Morgan, “Global Ransomware Damage Costs Predicted to Reach $20 Billion (USD) By 2021,” Cybercrime Magazine, October 21, 2019, < >, accessed on October 23, 2020.

Prashant Pai

Prashant Pai is vice president and general manager, Verisk Cyber Solutions. You can contact him at

Visualize Subscribe

Get the best of Visualize!

We'll send Visualize Monthly, and our most popular content, right to your inbox.

Subscribe now