Insurers paying ransomware claims hold the most complete private-sector dataset on incident costs, payment prevalence, and sector distribution that currently sits outside Singapore's national threat intelligence picture. Mandatory reporting to MAS or CSA would create the aggregate signal that defenders need to benchmark risk and calibrate the real cost of ransomware at a national level, rather than relying on voluntary disclosure from victims. The critical design question is whether reporting covers claims paid or all covered incidents. That gap reveals how often victims opt not to pay, which materially changes the intelligence value.
Insurers paying ransomware claims hold the most complete private-sector dataset on incident costs, payment prevalence, and sector distribution that currently sits outside Singapore's national threat intelligence picture. Mandatory reporting to MAS or CSA would create the aggregate signal that defenders need to benchmark risk and calibrate the real cost of ransomware at a national level, rather than relying on voluntary disclosure from victims. The critical design question is whether reporting covers claims paid or all covered incidents. That gap reveals how often victims opt not to pay, which materially changes the intelligence value.