Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Cyber Insurance: Is Paying a Ransom Counter-Productive?

    Evangelists-Jacqueline JayneFood for thought as discussed on May 18, 2023, an article posted in The Australian Insurance Council: Banning paying a ransom to cyber hackers is counter-productive where Andrew Hall, the Chief Executive of the Insurance Council of Australia (ICA), stated that “attempts to ban businesses from paying ransoms for cyber attacks risks eroding trust and relationships with government.”

    The premise of this comment comes from the recent Australian Federal Budget announcement of AUD $23.4 million in funding for a program designed to uplift cyber security for 50,000 small businesses with a cyber warden program.  The details of this program are yet to be finalized. Mr. Hall encourages more consultation between the government and the small business community.

    In relation to the proposed ban on paying ransoms for cyber attacks, Mr Hall brings up a valid point that the “decision for a business to pay or not pay a ransom is a decision for the business.” If a ban on paying ransoms was to come into effect, there is a high chance that businesses would decide to pay to keep their business running despite the potential fallout.

    The steady nature of ransomware attacks is a reminder that no company is immune. As the threat landscape continues to evolve, it is more important than ever for Australian businesses to cultivate a security culture. This means having a comprehensive security strategy and focusing on preventative measures to reduce the risk of human error and investing in security technologies.

    We can’t (yet) stop ransomware.  What we can do is limit the effectiveness and frequency of ransomware by increasing basic cyber awareness. 

    There are several things that Australian businesses can do to increase their basic cyber hygiene and cultivate a security culture. These include:

    • Implement ongoing, relevant, and engaging employee education on security best practices.
    • Provide an opportunity for employees to test their knowledge with simulated social engineering activities, e.g., simulated phishing programs. 
    • Create relevant cyber security policies that specify the desired guidelines, expectations, actions, attitudes, and behaviors aligned with security.

     

    Return To KnowBe4 Security Blog

    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    RansIm-Monitor3Here's how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 25 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!

    Get RanSim!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/ransomware-simulator

    Topics: Security Awareness Training, Ransomware, Security Culture

    Jacqueline Jayne

    ABOUT JACQUELINE JAYNE

    Jacqueline Jayne (JJ) currently serves as a Security Awareness Advocate for the APAC region for KnowBe4. She has mastered the art of communication and influence with 25+ years of experience as a conduit between people and technology. Previously, JJ led a successful cybersecurity education and awareness program that changed behavior and created a security culture.

    Read more from Jacqueline »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews