Does Your Business Have To Pay The Ransom If You’re Hacked? Cyber Insurance 101
Ransomware attacks are one of the most disruptive threats facing businesses today. When cybercriminals lock your systems and demand payment, the big question becomes: do you have to pay the ransom?
The answer might surprise you. Thanks to new data and stronger cyber insurance solutions, paying up is no longer the default option. In this article, we’ll break down what the latest numbers show, why ransom demands are rising, and how a solid cyber liability policy can protect your business.
Are Businesses Still Paying Ransoms?
A recent report from Marsh, the world’s largest insurance broker, analyzed over 1,800 cyber claims in the U.S. and Canada in 2023.
Here’s what they found:
- 282 cyber extortion events occurred in 2023.
- Only 23% of companies actually paid the ransom.
- That’s a sharp decline from just two years earlier, when 63% of companies paid.
In other words, the majority of businesses—77%—are now refusing to pay. This shift shows that organizations are finding other ways to respond, often with the help of cyber insurance and professional negotiators.
Why Ransom Demands Are Rising
While fewer companies are paying, cybercriminals aren’t backing down. In fact, their demands are getting larger:
- Median ransom payment in 2023: $6.5 million (up from $335,000 in 2022).
- Median ransom demand in 2023: $20 million (up from $1.4 million in 2022).
These numbers are heavily influenced by large corporations and multi-billion-dollar enterprises. Still, they highlight how costly these attacks can become for businesses of all sizes.
The Role of Cyber Insurance
So what does this mean for your business? This is where a strong cyber liability policy makes all the difference. Cyber insurance is not just about paying a ransom—it provides resources and support to manage the entire incident, including:
- Ransom negotiation and response – Professionals can handle communications with cybercriminals.
- Legal assistance – Guidance on compliance, liability, and reporting obligations.
- Forensic investigation – Experts to identify how the attack happened and prevent it from happening again.
- Regulatory support – Especially important in industries like healthcare and finance, where data breaches can trigger fines and penalties.
Having cyber insurance means you’re not alone in making high-stakes decisions when your business is under attack.
Ransomware Tactics Are Evolving
Today’s cybercriminals are more sophisticated than ever. Many use social engineering tactics to trick employees into granting system access. Others employ “double extortion” schemes, where they both encrypt your data and threaten to leak sensitive information unless paid.
This raises the stakes for every business. Without the right protection, you may be forced into impossible decisions that can damage your finances and your reputation.
Beyond Ransomware: Third-Party Liability
Cyber liability policies also extend beyond just ransomware. If your breach impacts customers, vendors, or partners, your policy can cover third-party liability—including claims, damages, and defense costs.
That protection is especially critical in today’s interconnected world, where a single breach can ripple across your entire business network.
Final Thoughts
So, does your business have to pay the ransom if you’re hacked? The data shows the answer is increasingly no. Companies are refusing to pay, relying instead on cyber insurance to navigate the crisis and recover.
With cyberattacks becoming more advanced and demands skyrocketing, a comprehensive cyber insurance policy is one of the smartest investments you can make to safeguard your business.
Pro Tip: Don’t wait until after a breach to think about cyber coverage. Review your policy now and make sure it includes ransomware, extortion, and third-party liability protections.