The Government Behind Insurance Governance: Lessons for Ransomware

21 Pages Posted: 11 Nov 2022 Last revised: 12 Sep 2023

See all articles by Tom Baker

Tom Baker

University of Pennsylvania Carey Law School

Anja Shortland

King's College, London

Date Written: October 24, 2022


The insurance as governance literature focuses on the ability of private enterprises to collectively regulate, pool, and distribute risks. This paper analyzes how governments support insurance markets to maintain insurability and limit risks to society. We propose a new conceptual framework grouping government interventions into three dimensions: regulation of risky activity, public investment in risk reduction, and co-insurance. We apply this framework to six case studies, describing insurance markets’ reliance on public support in more analytically precise terms. We analyze how mature insurance markets overcame insurability challenges akin to those currently presented by extortive cybercrime. Private governance struggled when markets grew too big for informal coordination or when (tail) risks escalated. Government interventions vary widely. Some governments prioritize supporting economic activity while others concentrate on containing risks. Governments also choose between risk reduction and ex post socialization of losses. We apply these insights to the market for ransomware insurance, discussing the merits and potential hazards of current proposals for government intervention.

Keywords: Insurance markets, risk assessment & management, cybercrime, cyberattack, ransomware, governance, public policy, government regulation, liability, standard setting, data sharing

JEL Classification: G22, G28, K24

Suggested Citation

Baker, Tom and Shortland, Anja, The Government Behind Insurance Governance: Lessons for Ransomware (October 24, 2022). Regulation and Governance, 2022, U of Penn, Inst for Law & Econ Research Paper No. 22-40, Available at SSRN:

Tom Baker (Contact Author)

University of Pennsylvania Carey Law School ( email )

3501 Sansom Street
Philadelphia, PA 19104
United States
215-746-2185 (Phone)


Anja Shortland

King's College, London ( email )

London, England WC2R 2LS
United Kingdom

Do you have negative results from your research you’d like to share?

Paper statistics

Abstract Views
PlumX Metrics