All Articles

Are Leaders Ready to Break the Ransomware Cycle

Posted by Matthew Rosenquist on October 21, 2024 at 10:17am in Blog
Are Leaders Ready to Break the Ransomware Cycle

It is good to see US government leaders realize that ransomware is a growing existential threat to our country, at the hands of our adversaries.

A top US national cybersecurity advisor stated in a recent op-ed, “This is a troubling practice that must end.” The government is looking at ways to disrupt ransomware attacks. One tactic is to get cyber insurance companies to stop reimbursements for ransoms.

Undermining ransomware is possible, but the only path is to outlaw digital extortion payments. This targets the root of the problem by undermining the motivation of the attacker.

For decades, cybersecurity and insurance companies have taken advantage of growing attacks and fears to sell their products, which have not provided a meaningful solution to stop the widespread surge of ransomware. It has become a self-serving profit center to motivate customers to purchase more tools and policies for a problem they are not solving.

Security controls are a costly tactic where the attacker maintains a significant overall advantage because they can quickly adapt, thereby requiring more tools to be purchased by the potential victims who are caught in an endless spending cycle. Insurance does nothing to reduce attacks, as it is a mechanism to transfer risk. In fact, paying the attacker simply motivates them more, thereby precipitating even more attacks!

There are feasible and practical plans that would work. However, security and insurance companies are the first to cast doubt on any plans that may disrupt their revenue streams. Their narratives are foreboding, but when closely examined, the fears of outlawing payments are largely unfounded.

As a nation, we are beginning to see how digital extortion is effectively being used by international adversaries and cybercriminals. The trend will continue, rapidly causing more extensive harm. Traditional measures, like continually adding more security tools, continue to fail in fundamental ways, and we must take a different approach.

It is time for the US government to take a serious step forward to undermine ransomware, without creating an unnecessary financial burden on the potential victims, by outlawing digital extortion payments.

Views: 77
Tags: cybersecurity, ransomware, politics, government, policy, insurance
Votes: 0
E-mail me when people leave their comments –
Follow
Posted by Matthew Rosenquist

CISO and Cybersecurity Strategist

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Join The Community Discussion

Read More

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

 

 

CISO Platform Talks : Security FireSide Chat With A Top CISO or equivalent (Monthly)

Jun 1, 2025 at 3:00am to Dec 31, 2025 at 3:00am
Virtual
  • Description:

    CISO Platform Talks: Security Fireside Chat With a Top CISO

    Join us for the CISOPlatform Fireside Chat, a power-packed 30-minute virtual conversation where we bring together some of the brightest minds in cybersecurity to share strategic insights, real-world experiences, and emerging trends. This exclusive monthly session is designed for senior cybersecurity leaders looking to stay ahead in an ever-evolving landscape.

    We’ve had the privilege of…

  • Created by: Biswajit Banerjee
  • Tags: ciso, fireside chat

CISO Talk (Chennai Chapter) - AI Code Generation Risks: Balancing Innovation and Security

Jul 19, 2025 from 4:00pm to 5:00pm
Virtual
  • Description:

    We’re excited to invite you to an exclusive CISO Talk (Chennai Chapter) on “AI Code Generation Risks: Balancing Innovation and Security” featuring Ramkumar Dilli (Chief Information Officer, Myridius).

    In this session, we’ll explore how security leaders can navigate the risks of AI-generated code, implement secure development guardrails, and strike the right balance between innovation and security. AI…

  • Created by: Biswajit Banerjee
  • Tags: ciso talk

CISO MeetUp: Executive Cocktail Reception @ Black Hat USA , Las Vegas 2025

Aug 4, 2025 from 6:00pm to 10:30pm
Topgolf Las Vegas
  • Description:

    We are excited to invite you to the CISO MeetUp: Executive Cocktail Reception if you are there at the Black Hat Conference USA, Las Vegas 2025. This event is organized by EC-Council & FireCompass with CISOPlatform as proud community partner. 

    This evening is designed for Director-level and above cybersecurity professionals to connect, collaborate, and unwind in a relaxed setting. Enjoy…

  • Created by: Biswajit Banerjee
  • Tags: black hat 2025, ciso meetup, cocktail reception, usa events, cybersecurity events, ciso

6 City Playbook Round Table Series (Delhi, Mumbai, Bangalore, Pune, Chennai, Kolkata)

Sep 1, 2025 at 5:00pm to Oct 31, 2025 at 8:00pm
India
  • Description:

    Join us for an exclusive 6-city roundtable series across Delhi, Mumbai, Bangalore, Pune, Chennai, and Kolkata. Curated for top cybersecurity leaders, this series will spotlight proven strategies, real-world insights, and impactful playbooks from the industry’s best.

    Network with peers, exchange ideas, and contribute to shaping the Top 100 Security Playbooks of the year.

    Date : Sept 2025 - Oct 2025

    Venue: Delhi, Mumbai, Bangalore, Pune,…

  • Created by: Biswajit Banerjee