An ambitious new public-private plan for combating ransomware proposed by a task force prescribes greater government oversight of ransom payment decisions, such as the recently reported $40 million payment by CNA Financial Corp. Before paying, companies would need to formally evaluate alternatives and report the demands. In this second article in our two-part series, Resilience Insurance chief claims director Michael Phillips, one of three co-chairs who led the 60-expert task force, gives the Cybersecurity Law Report an inside account of the task force’s discussions and explains its recommendations, including a mandate that cloud and managed service providers strengthen cybersecurity. In part one, he discussed a plan to regulate cryptocurrency and generate greater cooperation from the insurance industry. See “Can the Cybersecurity Industry Improve Cooperation to Beat Threats?“ (Jan. 13, 2021).