back to article Ex-NSA bigwig Chris Inglis appointed America's national cyber director by Senate

Chris Inglis was last week appointed America’s national cyber director, responsible for coordinating the government’s computer security strategy and defending its networks. The former deputy director at the NSA, who spent nearly three decades at the agency, was approved by the Senate on Thursday. The United States has been …

  1. Anonymous Coward
    Anonymous Coward

    "Around a third of those hit by ransomware reported C-level execs exiting after an attack..."

    This is cast as a bad thing, which seems to reverse cause and effect. Instead of seeing this as a talent exodus caused by the attack, we could instead see it as accountability being enforced by the directors. An organisation that's in bad enough shape to suffer a successful ransomware attack certainly ought to be taking a hard look at whether its IT leaders have been doing their jobs. But if the organisation's confidence in its ability to recover is also so low that they chose to pay criminals instead, that pretty much guarantees heads need to roll. The disgusting thing is that this figure is only 1/3. What were the owners of the other 2/3 of those companies thinking as they sent their money to criminals? If they were thinking about how to retain their CEO and CIO, I suppose they're getting exactly what they deserve!

    1. batfink

      Unfortunately, I'd guess that the other 2/3 were just getting their Risk/Reward calculations wrong.

      I've been in a lot of places where Those On High run their businesses with a lot of risk - for example, not spending money on proper security. The rewards of that approach can be high for them, providing they don't get hit during their incumbency. Sometimes I have actually wondered whether they actively take this approach, or just stick their fingers in their ears and hope.

      Even more unfortunate is the fact that they will get to keep the rewards and it's the company who pays for the impact of the failure.

      TalkTalk was the classic example. The downside of the TalkTalk hack was that it demonstrated that the C-Level crew can get away with even such an egregious failure, with a few lies about "our customers' security is our highest priority". The TalkTalk debacle doesn't seem to have done Dido Harding's career the damage it should have done.

      (<Deity(s)> forbid she actually gets the job of heading the NHS. If that happens, I'm leaving the country.)

    2. iron Silver badge

      "Paying off ransomware extortionists is a fool’s errand, costing businesses not only cash but talent..."

      "Around a third of those hit by ransomware reported C-level execs exiting after an attack..."

      And here I thought "talent" was the people that actually do the work rather than the ones who just take the credit when it goes well. Silly me.

  2. razorfishsl

    It should be made a criminal offense to assist hackers by not patching computer systems....

    Same way supplying items to a criminal to pull off a heist.....

    1. Anonymous Coward
      Anonymous Coward

      You'd have half of public sector IT staff locked up as many can't update due to other departments having out of date systems.

      It's simple to say - update everything! but in many cases the resources haven't been present to allow that to happen for years.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like