|
|
|
|
|
|
by colatkinson
968 days ago
|
|
|
Not sure if you're aware, but ransomware insurance is already a significant industry, and the contracts usually stipulate that the client company undergoes some type of regular auditing. From what I've heard, insurance companies are actually kinda souring on the business because it's incredibly bad from an actuarial perspective: many of those targeted are SMBs (i.e. they're not paying the kind of premiums that would make it worthwhile), but even for large corps as time passes the odds of a ransom event approach 1. I mean, can anyone think of a large non-tech enterprise that doesn't have that doesn't have that one load-bearing Windows Server 2008 machine in a closet? So to an extent, this seemingly represents the industry collectively declaring that even massive monthly insurance premiums are insufficient for companies to get their security posture together, and so they're trying to cut it off at the source by making ransomware as an endeavor unprofitable. |
|
|
Hah, that is literally how an old employer of mine got hacked and ransomwared big time.