Cyberattacks are a clear and present danger for all organizations, but local governments are particularly vulnerable. A 2020 study showed that local governments are more likely to be the targets of a ransomware attack than any other kind of organization and that 44% of ransomware attacks targeted local governments in 2020, a portion similar to 2019. The trend does not seem to be abating: 2021 saw a nine-fold increase in ransomware attacks on government organizations between 2020 and 2021.

The potential extreme consequences of a cyberattack have caused many local governments to turn to cyber insurance. Given the potential losses from an attack, transferring the risk of an attack to the insurance market could be an attractive proposition. However, cyber insurance is a relatively new type of insurance instrument compared to traditional insurances, like property and liability insurance. Also, the cost of a policy or the availability can change dramatically in a short time. In fact, as of this writing, many governments have experienced rapidly increasing premium costs. This article will help local governments approach cyber insurance in a risk-savvy manner and make smart decisions about how to invest in protection against cybercrime.

• Publication date: October 2022
• Authors: Shayne Kavanagh, Rob Roque, and Teri Takai