“Impossible to enforce”
Guy Golan, Executive Chairman, Performanta
The government’s decision to ban paying ransomware tried to achieve the right things, but is unfortunately impossible to enforce for a few reasons:
1. The main reason is that the public sector live in a significant technical debt, with low-paid employees and old processes – ie their resilience levels are low. Without the government focusing on significant improvement on the resilience, ransomware will happen AND will cause damage. Which leads me to point two.
2. In my experience, there is no organisation that didn’t pay ransomware if they knew that without payment their existence will be at risk. In that case, if for example, without paying ransomware people may perish. I would argue that the public will apply so much pressure to pay the ransomware, rather than stand by a life-threatening principle.
In order to minimise being at a dilemma of whether to pay or not, the government must focus on increase of resilience before they make bans that will not hold water.
What did Cybaverse CTO Juliette Hudson have to say about the ban? See next page…
