- NigelFrobisher@aussie.zoneEnglish3 hours
Given tech companies are downscaling and blackhat llms are now a thing, I clearly picked the wrong career path.
4 hoursIn some countries, it is a criminal-offense to pay criminals, to provide profit to crime.
How selectively-peculiar that that law isn’t being applied when people pay ransomwere-gangs…
Hmm…
_ /\ _
- hitwright@lemmy.worldEnglish13 hours
There is insurance for ransomware. Most companies I know, has bought it (surprisingly popular). I’m not surprised that the companies would be willing to pay
- hitwright@lemmy.worldEnglish12 hours
They hand it off to other companies that specialize in auditing and overseeing the hack resolvement. If their partner company decide, that it’s worth paying. Then they pay.
If the partner company decides to try and negotiate, they can I guess… Hard to say, never saw how insurance plays out when a true hack occurs.
- SayCyberOnceMore@feddit.ukEnglish15 hours
Companies should tie CISO contracts to ransomware payouts.
We’d instantly have better protection AND make it financially unviable for future attacks as the CISO’s would have to pay out from their own wages.
- hitwright@lemmy.worldEnglish13 hours
I doubt it would be of any use. Most companies underfinance IT and security, while CISO just writes “rules” on how things should be, instead of overseeing actual hardening.
CEOs on the other hand being financially or criminally responsible, may lead to something.
At least the EU NIS2 directive has the right idea about it
