October 3, 2022

Volume XII, Number 276

Advertisement

September 30, 2022

Subscribe to Latest Legal News and Analysis

Ransom Payment Debate Is Reminder to Stick to Cybersecurity Fundamentals

Criminal cyber attacks that deprive access to vital digital information and hold it for ransom are a constant and ever-increasing threat. No organization is immune. 

Due to the exponential rise in ransomware attacks, cyber insurance coverage for ransom payments – one of the tools for mitigating cyber risk – now requires steeper premiums for much less coverage. Some argue that insurers’ payments have contributed to the increase in attacks.  Meanwhile, the FBI continues to warn that paying a ransom is never a guarantee that encrypted data will be recovered. 

 Whether to pay a ransom has now become a matter of state public policy. In an effort to deter ransomware attacks on state agencies, North Carolina became the first state to enact laws prohibiting the use of tax dollars to pay ransoms (N.C.G.S. 143‑800). Pennsylvania is considering following suit. A proposed ban on ransom payments in New York would extend to private companies (see New York State Senate Bill S6806A). Whether these efforts will successfully deter cybercrime remains to be seen.  

These developments serve as a reminder to focus on cybersecurity fundamentals.  Organizations should review their cybersecurity measures on a regular basis as a matter of good governance. Simple security measures such as multifactor authentication and providing regular employee training on phishing and other social engineering scams can make all the difference.

Whether paying ransoms causes an increase in ransomware attacks by emboldening criminals will continue to be debated. But any such increase likely pales in comparison to the risks associated with the failure to institute appropriate cybersecurity measures. Too many organizations remain easy pickings. 

© 2022 Bradley Arant Boult Cummings LLPNational Law Review, Volume XII, Number 158
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

A. Kate Margolis Insurance Attorney Jackson MS  Bradley Arant Boult Cummings LLP
Counsel

Kate Margolis provides insurance coverage advice for policyholders. She knows that insurance coverage is essential to the long-term viability of any business. Kate helps policyholders preserve coverage both before and after a claim arises. She advises regarding terms and conditions and potential gaps in coverage when clients are evaluating their insurance programs.  For example, cyber insurance has fast become a crucial part of any insurance program. Kate recently co-authored the Guide to Cyber Insurance: Building a Program, Procuring Coverage, Managing Claims and...

601-592-9930
Advertisement
Advertisement
Advertisement