"After all, people who pay one ransom can often be persuaded to pay another"
And that is why the USA has made it a crime to pay kidnapping money. It worked.
It must be made illegal to pay ransomware scum. Don't pay them and the well dries out, they stop and everyone is better off.
Insurance companies must abolish their policies on this.
Companies need to train their staff and have (better) backup procedures in place.
If you don't do it for yourself, do it for your country.