The government behind insurance governance: Lessons for ransomware

Anja Shortland, Tom Baker

Research output: Contribution to journalArticlepeer-review

2 Citations (Scopus)


The insurance as governance literature focuses on the ability of private enterprises to collectively regulate, pool, and distribute risks. This paper analyzes how governments support insurance markets to maintain insurability and limit risks to society. We propose a new conceptual framework grouping government interventions into three dimensions: regulation of risky activity, public investment in risk reduction, and co-insurance. We apply this framework to six case studies, describing insurance markets' reliance on public support in more analytically precise terms. We analyze how mature insurance markets overcame insurability challenges akin to those currently presented by extortive cybercrime. Private governance struggled when markets grew too big for informal coordination or when (tail) risks escalated. Government interventions vary widely. Some governments prioritize supporting economic activity while others concentrate on containing risks. Governments also choose between risk reduction and ex post socialization of losses. We apply these insights to the market for ransomware insurance, discussing the merits and potential hazards of current proposals for government intervention.
Original languageEnglish
JournalRegulation & Governance
Publication statusPublished - 24 Nov 2022


  • Insurance
  • Governance
  • Ransomware


Dive into the research topics of 'The government behind insurance governance: Lessons for ransomware'. Together they form a unique fingerprint.

Cite this