The American Property Casualty Insurance Association (APCIA) issued last week Cyber Extortion/Ransomware Guiding Principles to aid industry stakeholders in navigating the circumstance.
The Board of Directors’ guidance addresses increasing cyber resiliency through partnerships and cyber insurance regulation.
“Insurers want to be partners with business leaders and policymakers in finding meaningful solutions for addressing the proliferation of ransomware attacks,” APCIA President and CEO David A. Sampson said. “The APCIA Board of Directors endorsed principles that will guide our work to develop thoughtful, action-driven opportunities to address this societal problem.”
Sampson said singling out insurance due to increased attacks negates the cyber insurance’s holistic benefit while taking a simplistic approach to a complex problem. He said insurers are ready to take a role in combating the issue.
The APCIA maintains creating greater cyber resiliency is a societal obligation attainable by including public and private sectors to identify the core drivers of ransomware incidents and general cyber threats.
The APCIA leadership also noted that insurers should be allowed to provide reimbursement coverage for the policyholder’s ransom payment for cyber extortion. Such a provision is consistent with the approach to the parallel issue of crime or kidnap and ransom coverages.
The APCIA said it advocates a holistic approach focusing on the foundation of criminal behavior by utilizing the expertise of all stakeholders.