‘Ransomware: The Role of Cyber Insurance’ (RaCI) is a multidisciplinary research project between RUSI, the University of Kent, De Montfort University and Oxford Brookes University. The project seeks to understand the role of cyber insurance in handling the challenges posed by ransomware and the impact on how governments, law enforcement and the insurance industry tackle ransomware.
This project is the next phase of RUSI’s collaboration with the University of Kent on cyber insurance.
This project investigated the role of cyber insurance in incentivising cyber security behaviours within organisations.
Aims and objectives
We are seeking to answer the following questions:
- How has the rise in ransomware claims changed the cyber insurance market and cyber insurance coverage?
- Can cyber insurers help make organisations more secure or resilient against ransomware?
- What is the current role of insurers when a ransomware incident occurs?
- How has this role changed and where may it be headed?
- What are the incentives and disincentives to victims paying ransoms?
- What sort of public–private partnerships between the insurance industry and government would be effective for tackling ransomware?
- Is ransomware coverage sustainable for the insurance industry?
The project will combine an extensive literature review with stakeholder interviews and workshops to gain critical insights into the cyber insurance industry. This will involve engagements with a diverse global community, including insurance professionals, law enforcement, civil servants, cyber security and incident response experts, data breach lawyers and businesses.
RaCI’s research findings will be pivotal in helping decision-makers to navigate cyber risk management approaches, understand ransomware challenges in the context of cyber insurance, and provide clear and actionable recommendations that can be adopted by governments and practitioners alike.
UK National Cyber Security Centre (NCSC)
Work on RaCI is funded by the UK National Cyber Security Centre (NCSC).Find out more
The main project output will be the publication of an Occasional Paper in the summer of 2022 which will draw our research together, as well as two academic papers.