fre. 25. jun. 2021 21.33 skrev Aaron C. de Bruyn via NANOG <nanog@nanog.org
:
On Fri, Jun 25, 2021 at 10:43 AM Tom Beecher <beecher@beecher.cc> wrote:
Incompetent insurance companies combined with incompetent IT staff and
under-funded IT departments are the nexus of the problem.
Nah, it's even simpler. It's just dollars all around. Always is.
Agreed.
From this company's point of view, the cost to RECOVER from the problems is so much smaller than it would be to prevent the problems from happening to begin with, so they are happy to let you guys handle it. From the insurance company's point of view, they are collecting premiums, but no claims are being filed, so they have no incentive to do anything differently.
I'm sure that'll change drastically if either of these conditions are true: * A claim is filed * An audit is required * Ransomware surges throughout 2021 and payouts go through the roof
I think it's reasonable to expect at least one of those things will happen in the next year.
-A
Or they do business in the EU where huge fines are becoming the norm. The ransomware does not matter but the implied data breach does.