Task Force Leader Addresses Proposed Mandatory Reporting of Ransomware Payments

An ambitious new public-private plan for combating ransomware proposed by a task force prescribes greater government oversight of ransom payment decisions, such as the recently reported $40 million payment by CNA Financial Corp. Before paying, companies would need to formally evaluate alternatives and report the demands. In this second article in our two-part series, Resilience Insurance chief claims director Michael Phillips, one of three co-chairs who led the 60-expert task force, gives the Cybersecurity Law Report an inside account of the task force’s discussions and explains its recommendations, including a mandate that cloud and managed service providers strengthen cybersecurity. In part one, he discussed a plan to regulate cryptocurrency and generate greater cooperation from the insurance industry. See “Can the Cybersecurity Industry Improve Cooperation to Beat Threats?“ (Jan. 13, 2021).

To read the full article

Continue reading your article with a CSLR subscription.