United on Ransomware payments

Interesting.

Cyber insurance industry unites to bear down on ransom payments
Joint guidance from the NCSC with the Association of British Insurers (ABI), British Insurance Brokers’ Association (BIBA) and International Underwriting Association (IUA) aims to help organisations faced with ransomware demands minimise disruption and the cost of an incident.

The guidance is arguably what should be done anyway

Guidance for organisations considering payment in ransomware incidents
Advice for organisations experiencing a ransomware attack and the partner organisations supporting them.

It’s not banned - just seriously discouraged.

Is this now a risk you must tackle rather than offload to insurance? Good.

“The NCSC does not encourage, endorse or condone paying ransoms, and it’s a dangerous misconception that doing so will make an incident go away or free victims of any future headaches. In fact, every ransom that is paid signals to criminals that these attacks bear fruit and are worth doing.”

Subscribe to Gary P Shewan

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe