How Cyber Insurance Underwriting Has Improved Ransomware Defense
Anyone who follows cybersecurity news is familiar with the concept of ransomware. The ransomware problem is a global problem, costing organizations billions in combined losses. But things could be worse. Thanks to systemic changes in cyber insurance underwriting, ransomware defense has improved considerably in recent years.
I was made aware of this by an excellent post from TechRadar. The post, authored by James Watts, offers a brief history of ransomware and how it has impacted insurance companies. Needless to say, when cyber insurance underwriting becomes prohibitively risky, insurers will step up and demand changes from their customers. That is exactly what has happened.
Losses and Risks Have Grown
Watts began his piece by discussing ransomware’s start way back in 1989. Back then, the crime was not extremely profitable because payments were a lot easier to trace. But with the adoption of cryptocurrency and other digital technologies, ransomware attacks became more profitable – and more attractive.
Insurance companies were selling cyber insurance policies at a rapid clip in the early days. The limited scope of ransomware at the time limited their losses. But as ransomware attacks grew more sophisticated and ransom demands increased, insurance company losses began to mount.
Watts went on to explain that companies did not make a whole lot of effort to avoid ransomware, depending on their insurance policies instead. They discovered it was cheaper to make an insurance claim and pay a ransom than attempt to recover from an attack. So that is exactly what they did.
Mounting losses forced insurers to make changes. They began reforming cyber insurance underwriting by enforcing stricter requirements for coverage. And of course, they also increased premiums substantially. You can read all about it in the TechRadar piece.
Cyber Insurance Underwriting in 2025
Everything the insurance industry has learned about ransomware over the last three decades informs the decisions insurers make today. As a result, modern cyber insurance barely resembles its first-generation counterpart from the late 1980s and early 90s.
For starters, insurance companies now rely on organizations like DarkOwl to provide comprehensive and credible darknet data to help them assess customer risk. Everything from historical data to current darknet chatter to predictive analytics informs modern cyber insurance underwriting.
In addition, insurance companies conduct risk scoring to help them better understand the threats each customer represents. A higher risk score means higher premiums. If a customer’s score is too high and management refuses to take remedial action, the customer could be dropped altogether.
More Stringent Coverage Requirements
Insurance companies have also implemented more stringent coverage requirements. In other words, they expect their customers to implement certain policies and strategies for mitigating risk. They expect their customers to maintain proper security within their networks and cloud infrastructures. They expect to see comprehensive policies, incident response plans, and analytics in place.
Insurance companies need to be tough in the 2020s because ransomware continues to grow and proliferate. They face huge losses when customers make claims. How huge? Ransomware losses in 2024 totaled some $3.5 billion.
Failing to implement strict coverage requirements makes insurance companies vulnerable. If they end up paying out too many sizable claims, they run the risk of not being able to adequately cover the rest of their customers. Ultimately, an insurance company could be put out of business by customers that don’t take appropriate measures to fight ransomware.
It’s easy to see why cyber insurance underwriting has undergone so many changes in the last 30 years. It is a matter of survival. The one positive aspect is that changes in underwriting have subsequently improved ransomware defense.