Call it a learning experience. After the attack, they'll make a loooong list of everything they should have done. Then they can cover ransomware again, for companys that show in an audit they implemented axa's list.