A ransomware attack on your company’s data can make you feel helpless. That’s where ransomware insurance can save the day. While ransomware insurance can’t stop a cyberattack, it can help with expenses resulting from ransom, extortion, and more, which can mean the difference between staying in business and shuttering your doors.

No business is too small to be at risk of cybercrime, and the consequences can be devastating. Read on for more about what ransomware is, what ransomware insurance covers, and how it fits within a cyber liability insurance policy.

What is ransomware?

Ransomware is malicious software that prevents users from accessing an infected device or file until a ransom is paid. You or an employee can unknowingly introduce ransomware into your network by clicking on a malicious link in a phishing email, through a corrupt ad, or by visiting an infected website.

Typically, the malware installs itself silently, without your knowledge. Depending on the sophistication of the malware, you might get a pop-up with instructions on how to buy a decryption key to regain access to your company’s files. In other instances, you won’t be able to access your computer system at all after a ransomware attack.

How does ransomware insurance work?

Ransomware cyber insurance, also known as cyber extortion coverage, is typically included with a sublimit under a cyber liability insurance policy. The sublimit puts a cap on payments stemming from the ransomware portion of your cyber liability insurance. For example, a $1 million cyber liability insurance policy could have a ransomware sublimit of $25,000.¹

Policy specifics often hinge on a company’s risk profile based on its ransomware exposure. For example, do you have a digital security plan in place? Have you taken steps to reduce your risk of a ransomware attack? If so, your premium cost will likely differ from that of a company with no defenses in place.

When looking for the ransomware insurance policy that is right for you and your business, remember that it is rarely its own form of coverage. It’s almost always an add-on to a cyber liability policy.

What does ransomware insurance cover?

Most ransomware insurance policies will provide coverage against some or all of the following:

  • The ransom — The sum of money that a criminal demands you pay in order for you to regain control of your company’s system or data. Depending on the policy, this might also include coverage to replace compromised hardware.
  • Extortion expenses — Ransomware insurance will typically help cover fees associated with the cyber extortion event, from infrastructure rebuilding costs to travel expenses to negotiator and consultant fees.
  • Repairs — Cybercriminals are nefarious. Even if you pay a ransom, it’s never guaranteed that the system will be turned over (let alone in its original condition). Many ransomware policies will help cover damages, including the cost of rebuilding or replacing programs, infrastructure, and data.

Not all ransomware attacks are reported, but 27% of companies that reported an attack have paid a ransom, according to a recent report by the Institute for Security and Technology.² It’s important to note that the ransomware insurance provider typically needs to greenlight a ransom payment before it’s made. So if you jump the gun and pay a ransom before notifying your insurer, they may not reimburse you.³

What is cyber liability coverage?

Cyber liability insurance is the broader coverage policy form that may also include ransomware insurance coverage. Typically, it includes both first-party and third-party coverage in the case of a data breach:

  • First-party coverage — Insurance coverage for losses experienced by the company or individual that is the victim of a breach. Financial losses could range from paying a ransom to covering repair costs or even responding to a client lawsuit. (Ransomware insurance is included here.)
  • Third-party coverage — Includes coverage for losses sustained by your customers, clients, or third parties affected by the cyber breach. For instance, if your customers file claims against your business after a ransomware attack, third-party coverage would help cover associated fees.

Take charge with cyber liability insurance

Nobody wants to feel helpless. Cyber liability insurance can help you rest easier knowing that you’ve taken action to reduce your exposure to cyber threats.

To get ahead of threats to your business, you need to move fast. That’s why you need small business insurance from Thimble. Click “Get a quote” or download the Thimble mobile app, answer a few questions about your business, and you can get business insurance within minutes.


  1. AdvisorSmith. Ransomware Insurance. 
  2. Institute for Security and Technology. Combatting Ransomware. 
  3. National Association of Insurance Carriers. Ransomware.