Australia's government is considering a ban on ransomware payments — do you think that could be effective? Why or why not?

Threat Intelligence & Incident Response Regulatory Compliance

4k views2 Upvotes19 Comments

Sort by:

VP of IT in Manufacturing2 years ago

Yes. It would be a good step but will not be effective in isolation. Not only the greed of the cyber criminals needs to be controlled but the implementation also needs to be effective.

Secondly the tracking mechanisms for the ransomware needs to be improved and successfully closed cases highlighted so that others have the confidence in the law enforcement.

Director of IT in Education2 years ago

I think it is a good thing to remove the incentive to cyber criminals. However, it also should be dealt with on a case by case basis, if a company cannot continue without accessing their data, then they might be out of business fast. A cost benefit analysis should be considered in certain cases.

Director of IT in Software3 years ago

I like this move and hope that other country will follow it. I am certain that it will be effective

Director, Strategic Security Initiatives in Software3 years ago

It's could be effective.

VP of Information Security in Finance (non-banking)3 years ago

This will redirect attention to other segments or sectors. Good move.

Content you might like

Are CISA's current recommendations for preventing Maui ransomware attacks sufficient?

Yes, if followed correctly.39%

Unsure38%

No, there is still a significant risk.19%

Other (please tell us in the comments)3%

View Results

Do you have a person at your company specifically focused on payments (e.g., VP of Payments)?

Yes65%

No35%

We implemented Oracle HCM recently including Redwood. Defining the long term plan for support, we face challenges with our Oracle Security knowledge depth specifically (defining and maintaining roles/ SOD/ SOX etc). Is there anyone who has experience in setting this up after a successful Oracle HCM plus Redwood implementation and would like to share best practices with me?

I'm looking for an open-source IGA solution, has anyone had any experience they can share?

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?