Are Leaders Ready to Break the Ransomware Cycle
Matthew Rosenquist
CISO at Mercury Risk. - Formerly Intel Corp, Cybersecurity Strategist, Board Advisor, Keynote Speaker, 190k followers
It is good to see US government leaders realize that ransomware is a growing existential threat to our country, at the hands of our adversaries.?
A top US national cybersecurity advisor stated in a recent op-ed , “This is a troubling practice that must end.”? The government is looking at ways to disrupt ransomware attacks.? One tactic is to get cyber insurance companies to stop reimbursements for ransoms.
Undermining ransomware is possible, but the only path is to outlaw digital extortion payments.? This targets the root of the problem by undermining the motivation of the attacker.?
For decades, cybersecurity and insurance companies have taken advantage of growing attacks and fears to sell their products, which have not provided a meaningful solution to stop the widespread surge of ransomware.? It has become a self-serving profit center to motivate customers to purchase more tools and policies for a problem they are not solving.
领英推荐
Security controls are a costly tactic where the attacker maintains a significant overall advantage because they can quickly adapt, thereby requiring more tools to be purchased by the potential victims who are caught in an endless spending cycle.? Insurance does nothing to reduce attacks, as it is a mechanism to transfer risk.? In fact, paying the attacker simply motivates them more, thereby precipitating even more attacks!
There are feasible and practical plans that would work.? However, security and insurance companies are the first to cast doubt on any plans that may disrupt their revenue streams.? Their narratives are foreboding, but when closely examined, the fears of outlawing payments are largely unfounded .?
As a nation, we are beginning to see how digital extortion is effectively being used by international adversaries and cybercriminals.? The trend will continue, rapidly causing more extensive harm.? Traditional measures, like continually adding more security tools, continue to fail in fundamental ways, and we must take a different approach.
It is time for the US government to take a serious step forward to undermine ransomware, without creating an unnecessary financial burden on the potential victims, by outlawing digital extortion payments.
Building corporate AI ethical risk mitigation & governance programs | Author "Ethical Machines" (Harvard Business Review Press) | CEO Virtue
2 周Not sure what to think about this. On the one hand, I can see that if such payments were outlawed then that would potentially decrease attacks. On the other, I wonder if the company that was hacked has a moral obligation to do what it can to recover its data. How do you think about balancing these things, Matt? Also, I take it the penalty for breaking the new law you propose would have to be quite severe. If it's just a middling fine, it may be worth it to pay the fine because of the value of the data the organization recovers. The alternative is jail time, but that strikes me as too extreme in this context. Again, I welcome your thoughts; you've obviously thought a lot more about this than I have.
I build effective cybersecurity programs, exceptional teams, and rational processes
3 周Not possible to outlaw -- in some cases, ransom payment is the only way for the business to continue operating. What should be implemented is filing a required explanation as to why such payment was made, complete with financially-substantiated justification. Such explanation should be reviewed and if the payment is determined to be unnecessary (e.g. recovery was possible but more expensive), it should result in hefty fines measured in multiples of "saved" recovery costs.
And for those of you that missed it...https://www.dhirubhai.net/posts/michael-gurau-926230_ransomware-cybersecurity-cybersecurityinsights-activity-7251968208197365762-zlWg?utm_source=share&utm_medium=member_desktop