News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | CISA's Jen Easterly: No Ban on Ransomware Payments

Jen Easterly, the director of the U.S. Cybersecurity and Infrastructure Security Agency, dismissed the idea of a ban on ransomware payments in the United States. In a discussion with the former head of the UK’s National Cyber Security Centre, she mentioned the difficulty in reducing ransomware attacks and highlighted the importance of the Cyber Incident Reporting for Critical Infrastructure Act in providing better insights into the cyberattack ecosystem. Easterly also emphasized the need for a Secure-by-Design campaign to address vulnerabilities in technology.

TeamViewer, a remote access software company, experienced a breach in its corporate IT environment attributed to Russian state-affiliated threat actors known as Midnight Blizzard. The breach involved compromised employee account credentials and was contained within TeamViewer’s corporate systems, with no evidence of further access to customer data. The company has taken steps to mitigate risks, including collaborating with Microsoft and implementing stronger authentication procedures.

A survey conducted by Sophos reveals that 76% of companies have strengthened their cyber defenses in order to qualify for cyber insurance coverage. However, respondents have mixed confidence regarding the extent of coverage, with many unsure if their policies cover ransom payments or income loss. Cyberattack recovery costs surpass insurance coverage limits, with only 1% of claimants fully compensated.

Why do we care?

The headline for me is that a ban on ransomware payments is not coming.   I had hoped it would.   Clearly, too much of a stretch for the readiness of most organizations.  

The survey highlights the positive impact of cyber insurance requirements in driving necessary security measures but emphasizes that it is just one part of an effective risk mitigation strategy.    It stands to reason that one way to drive customer action is to get them to get insurance.      But note that cyber insurance is generally a mess.   One could prepare for insurance… and start setting that money aside to self-insure.    And earn some interest in the current market.

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories