Comment Cheaper to pay (Score 1) 28
I think that often companies look at the cost of effective cybersecurity vs the cost of paying ransoms. The latter is likely much cheaper. Look at this case, effective ongoing security is probably a lot more than the $22 million they've paid out (once, over ?? years?). It's not necessarily that they are 'idiots' that don't know how to secure their systems, but its simply cheaper not too.
We need a way to make it more expensive for them not to run effective security (e.g. personal responsibility, with gaol time likely).