Ira Winkler, chief information security officer with Skyline Technology Solutions in the US, recommends that CFOs consider ransomware prevention as a cost of doing business. In reflecting on the topic of cybersecurity insurance as a good investment, he opined that ransomware is a key purchase driver because a successful attack is expensive even if you don’t pay ransom.

In this PodChats for FutureCFO, we are joined by James McLeary, managing director, Cyber Risk, Kroll, who will share his opinions on options available for CFOs as they deal with the rising tide of ransomware.
1. From a CFO perspective, is ransomware any different from other threats?

2. Do CFOs make good cybersecurity advocates? To what extent should CFOs get involved when it comes to the lifecycle of cyber threats, including ransomware?

3. We hear of some ransomware threats being conducted in crypto currency. Is the form of payment going to be of a concern to the CFO?

4. How should the CFO address the convergence in the rise of ransomware-as-a-service and other new practices, the increase in reliance on vulnerable IT systems by physical process controls, and the evolving cyber insurance market?

5. Can you cite a good reading material for CFOs when it comes to ransomware readiness?