I don't think you can enforce such a rule. I think it's a good approach too. Another iss...

ArcHound • today at 11:23 AM • 2 replies • view on HN

I don't think you can enforce such a rule. I think it's a good approach too.

Another issue is that not paying up and risking restore from underfunded ops dept. might be more expensive than paying up AND making a selected executive look bad. And we can't have that, can we.

Replies

wongarsu • today at 11:58 AM

It would make the ransomware statistic go down without actually stopping crime. Any company that considers paying the ransom would have a strong incentive to never report the security incident to avoid being punished for ransom payments

➕ show 2 replies

finghin • today at 11:42 AM

Agreed - it’s not that it’s a bad point but it would be an ineffective rule which is usually an excuse to forgo other more effective (usually more expensive) options

➕ show 1 reply

alt Hacker News

Replies