A CISO's Perspective on Ransomware Payments

Dark Reading

A debate is raging about how organizations should respond to ransomware attacks, particularly whether victims should pay or just rely on cyber insurance. The recent Biden administration executive order on cybersecurity and other proposed bills that limit or ban ransom payments and mandate reporting of ransomware attacks put pressure on enterprises to update their strategies and prepare for change.

But Anne Neuberger, deputy national security adviser for cyber and emerging technology, said during a wide-ranging interview with the Silverado Policy Accelerator that banning ransomware payments would be a “difficult policy position.” So, should businesses make their own decision on ransomware or take cues from eventual federal legislation?

Until recently, I was subscribed to the “never pay the ransom” school of thought — partly informed by being a DC native, my proximity to the Department of Justice, and the prevailing attitudes within my professional groups. My stance was also motivated by my
