Hi Frederick,
1)
Top cyber insurance providers for multinational, multi-sector clients
Based on the latest comparative rankings and global industry reviews, combined with my own experience, the consistently top‑rated cyber insurers (judged on coverage breadth, underwriting strength, responsiveness, and multinational capability) are the following:
Top 5 Providers (2025–2026)
1. Chubb
Ranked the #1 overall cyber insurer in 2026 due to comprehensive business and personal cyber plans and 24/7 breach response.
Particularly strong for large enterprises and multinationals.
2. Zurich Insurance
Strong cyber liability coverage and excellent for multinational corporations.
Covers ransomware payments, notification costs, and compliance penalties – important for energy, real estate, hospitality.
3. AIG
Global footprint, strong underwriting expertise in energy, oil & gas, and infrastructure-heavy sectors.
4. AXA XL & 5. Beazley
AXA XL and Beazley are listed among top global providers with strong cyber expertise across multiple industries including energy and hospitality.
The above insurers are, in my opinion, recognized as some of the best-equipped insurers to serve multinational, high‑risk sectors, including oil & gas, utilities, real estate portfolios, and hospitality operations.
2)
Best way to handle ransomware payments across varying legal regimes
Ransomware payment handling is legally complex due to emerging bans, sanctions implications, mandatory reporting rules, and payment‑preclearance regimes. Recent (2025–2026) legal analyses reveal the following:
* A global trend: increasing restrictions on ransomware payments and a cutting back of payments from insurance companies.
Countries including the US, UK, EU states, and Australia are actively considering or implementing targeted bans or sanctions‑based restrictions, which could include bans on payments by the public sector and critical infrastructure.
—
Best-practice strategy for organizations to handle ransomware payments:
- Always involve legal counsel + compliance early in the attack phase
- Due to sanctions and potential legal prohibitions, organizations must evaluate:
  - Whether the attacker belongs to a sanctioned group
  - Whether local law prohibits or restricts ransom payments
- Follow mandatory reporting regimes
Engage your cyber insurer’s incident response ecosystem, including:
A) Forensic investigation
B) Negotiation teams (Specialists – not insurance or cyber competences)
C) Legal and compliance checks
D) Crisis communication
—
Before a ransomware attack (PREVENT):
1. Strengthen cyber hygiene and hardening
2. Conduct regular risk assessments and “readiness checks”
3. Develop an incident response plan
4. Ensure compliance with emerging legal and reporting regimes
5. Optimize backup, restore, and continuity plans
6. Make a specific and detailed action plan for a ransomware attack (as an extension of #3) and take it to board level.
Best regards
Lars