<p>John Kindervag opened his session at RSAC 2026 Conference with a compelling proposition: The advent of life insurance offered a new motivation to commit murder.</p>
<p>The Forrester alumnus, who is widely credited as the creator of the zero-trust security model, and current chief evangelist at Illumio, argued that, while murder has always been part of society, life insurance layered a financial incentive on top of an ancient crime.</p>
<p>Today, he said, that equates to <a href=”https://www.techtarget.com/searchsecurity/definition/cybersecurity-insurance-cybersecurity-liability-insurance”>cyber insurance</a> giving digital criminals a lucrative new reason to escalate the decades-old practice of <a href=”https://www.techtarget.com/searchsecurity/definition/ransomware”>ransomware</a> fraud.</p>
<section class=”section main-article-chapter” data-menu-title=”Ransomware evolves”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>Ransomware evolves</h2>
<p>The ransomware age dawned in 1989. An evolutionary biologist, Joseph L. Popp, distributed thousands of floppy disks, labeled as legitimate research software, to attendees of a World Health Organization AIDS conference. Once installed, the program on the disks — later dubbed the AIDS Trojan — lay dormant until activated after a predetermined number of system reboots. The malware hid directories and encrypted file names with symmetric encryption, rendering the computer unusable. Victims were presented with a message to send a $189 payment to a P.O. box in Panama to regain access.</p>
<p>As computing and networks have grown more sophisticated, so have the <a href=”https://www.techtarget.com/searchsecurity/feature/The-history-and-evolution-of-ransomware”>technologies and methods employed in ransomware schemes</a>.</p>
<p>In the early 2000s, basic file-renaming and locking techniques were replaced by asymmetric encryption. Distribution became easier as email attachments and <ins datetime=”2026-04-07T10:47″ cite=”mailto:Livingston,%20Richard”><a href=”https://www.techtarget.com/searchsecurity/definition/botnet”>botnets</a></ins> offered new methods to infect systems. Payment, too, became easier as <ins datetime=”2026-04-07T10:49″ cite=”mailto:Livingston,%20Richard”><a href=”https://www.techtarget.com/searchsecurity/post/How-cryptocurrencies-enable-attackers-and-defenders”>cryptocurrencies</a></ins> provided anonymity without banking oversight. In 2019, extortion became a popular tactic; beyond just encrypting and locking data, attackers now stole it and threatened to publish it or leak it on the dark web.</p>
<p>By the 2020s, innovation had reached breakneck speed, with <ins datetime=”2026-04-07T10:49″ cite=”mailto:Livingston,%20Richard”><a href=”https://www.techtarget.com/searchsecurity/tip/How-AI-malware-works-and-how-to-defend-against-it”>AI-fueled cyberattacks</a></ins> enabling large-scale, multivector data exfiltration and extortion from even the most secure government agencies and global enterprises.</p>
</section>
<section class=”section main-article-chapter” data-menu-title=”The dawn of cyber insurance”>
<h2 class=”section-title”><i class=”icon” data-icon=”1″></i>The dawn of cyber insurance</h2>
<p>The cyber insurance industry rose in parallel with greater reliance by businesses on the internet and electronic storage, as well as the growth of emerging cybersecurity threats.</p>
<p>Commercial insurers began experimenting with coverages in the 1990s, offering narrow third-party liability policies covering damage caused by hacker-induced breaches. By the end of the decade, insurers were issuing the first widely marketed cyber insurance policies, covering <a href=”https://www.techtarget.com/searchsecurity/tip/How-to-calculate-the-cost-of-a-data-breach”>data breach response and business interruption costs</a>. In the 2000s, more companies began offering products and began selling first-party coverage that insured policyholders and other parties affected by cyber incidents.</p>
<p>The industry has been maturing ever since, <a href=”https://www.techtarget.com/searchsecurity/tip/Cyber-insurance-explained-from-selection-to-post-purchase”>expanding product portfolios</a> to include breach notification, credit monitoring, regulatory defense, ransomware negotiation, supply chain coverage and extortion protections. As the threat landscape has become more perilous, premiums have spiked. According to Kindervag, the market has grown 40-fold in the past 20 years and is presently estimated at nearly $21 billion.</p>
</section>
<section class=”section main-article-chapter” data-menu-title=”The business of it all”>
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: