AXA Stops Writing Cyber-Insurance Policies that Reimburse Ransomware Victims in France

Following the news that in an apparent industry first, the global insurance company AXA says it will stop writing cyber-insurance policies in France that reimburse customers for extortion payments made to cybercriminals, please see below for comments from cybersecurity experts.

Experts Comments

May 10, 2021
Richard Walter
CTO
Censornet

Cyber insurance can offset the risk posed by cyber-attacks and is intended to offer organisations reassurance that the costs of a breach will be picked up.

 

However, it's very hard to count the true cost of a breach. If a company’s private data is hacked and leaked, it suffers an immediate financial hit which can be mitigated by insurance. But the long-term reputational damage is almost impossible to estimate. Lose your customers’ trust once and you may never get it back.

 

By refusing to pay

.....Read More

Cyber insurance can offset the risk posed by cyber-attacks and is intended to offer organisations reassurance that the costs of a breach will be picked up.

 

However, it's very hard to count the true cost of a breach. If a company’s private data is hacked and leaked, it suffers an immediate financial hit which can be mitigated by insurance. But the long-term reputational damage is almost impossible to estimate. Lose your customers’ trust once and you may never get it back.

 

By refusing to pay out claims for extortion payments, AXA is taking a hard stance. But this approach is unlikely to deter ransomware gangs. Faced with extortion, many organisations will opt to pay the ransom rather than risk reputational and financial damage. That's not going to change.

Hackers will continue to use ransomware to target their victims for as long as it is profitable, so something radical needs to happen in order to break this cycle.

  Read Less
May 10, 2021
Joseph Carson
Chief Security Scientist & Advisory CISO
Thycotic

We need to make it more difficult for cybercriminals, especially ransomware criminals, from being successful and AXA has made a significant step in the right direction. In the past year, I have seen an increase in ransomware victims, whether it being a business that lost an entire year’s worth of digital data or citizens who lost their entire digital life, so we must do what we can to reduce the success of ransomware. In recent years we have seen cyber insurance on the rise, with some

.....Read More

We need to make it more difficult for cybercriminals, especially ransomware criminals, from being successful and AXA has made a significant step in the right direction. In the past year, I have seen an increase in ransomware victims, whether it being a business that lost an entire year’s worth of digital data or citizens who lost their entire digital life, so we must do what we can to reduce the success of ransomware. In recent years we have seen cyber insurance on the rise, with some insurance companies even negotiating with the cybercriminals for a discount, however, this is just making ransomware crime more lucrative and successful for the criminals. 

 

We must educate companies and citizens on how to reduce the risks and become more resilient so that paying a ransom is not even an option to consider. AXA Insurance has taken a step in the right direction in France by refusing to write cyber-insurance policies that would reimburse victims who fund future crime through ransomware payments. It is also important to note that the recent cyber research by CyberEdge showed that most victims who pay the ransom are unsuccessful in getting their data recovered.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.