Ransomware – Who Pays?


Ransomware sucks and insurance is one of those things that no business owner ever wants to pay for, but they want it when they need it.  The problem is we don’t spend as much time understanding what we have between the time we buy the policy and the time we get to the next renewal.

Which Policy Form do you Have?

During Cybersecurity Awareness month, I will highlight topics that I think are extremely important for business owners to know about how cyber insurance works.  The first thing I want to talk to you about as we go down this road is your type of policy form.  Does your policy have a reimbursement form, or does it have a pay on behalf of form?  Here’s why that’s important.  With a reimbursement form, you handle everything involved in the claim.  You keep your receipts, turn them into the carrier, and get money reimbursed after the fact.  Some of you may feel like you can adjust claims and control that process better, but at the end of the day, you can’t.  Okay, let’s call it what it is.  There are other issues with that.

Why Does it Matter?

In addition to the fact you have to do the work, let’s think about who does ransomware.  The people who could be holding your computer systems hostage likely are on a government watch list.  Not only do you have to worry about whether or not you’re going to be the one adjusting the claim, but you also have to worry about whether or not you’re even legally allowed to pay this person the ransom that they’re demanding.  They may be a known terrorist on the Department of Homeland Security’s website.  So you have to have a procedure for that.  If you have a pay on behalf of policy, you don’t have to do any of that because the insurance company handles it all.

How Will you Pay the Ransomware Claim?

Another big one at the forefront of current events is how you will pay.  If you’ve never had a ransomware event, you don’t realize that ransomware gets paid in cryptocurrency.  If you know anything about crypto, you know that the portfolio of crypto people is about 80% less than last year.  Even if you had the foresight to have a fund filled with Bitcoin, Ethereum, whatever, and you knew that you were holding that money in the event, you would have ransomware, what happened to that money?  Now you don’t have enough.  The insurance company pays all that for you when you have a pay-on-behalf policy.

You would never know this as a business owner.  Honestly, my peer group probably doesn’t know either, at least most of them.  If they did, they would be talking to you about it.  So I would challenge you if you have cyber insurance; good on you, you’re ahead of the curve.  But ask your agent or look in your policy and see if you are on pay on behalf or are you a reimbursement form?

Relax, We’ve got you Covered

If you’re uncomfortable asking your agent and don’t know where to look, feel free to reach out.  I’ve put a button at the bottom of this post.  You’re welcome to schedule time on my calendar.  I don’t have to try and sell you anything.  I can save you a bunch of time because I know exactly where to look in the policy and let you know what I see.

If there are issues and you want me to correct them, I’m happy to do so.  But please understand that’s not the intent of this publication.  I wish you nothing but the best.  And if you’re ready, talk to us at Florida Risk Partners, where you can experience partnership redefined.

Call Us Or
Schedule an Appointment 

Select an agent below to view our online calendars and select a day and time that works best for you or call us directly at 888-601-6660. When you use our online calendars, you will receive an email with more information.


David Carothers

 Commercical Insuramce

Kyle Houck

Kyle Houck

 Commercial Insurance


Grayson Carothers

 Personal Insurance

Traducir » Spanish