Banning ransomware payments is an incredibly attractive idea.

Proponents need to explain why it’s going to work any better than bans on buying drugs. Why are two “willing” participants not going to find a way? What do we gain by adding criminal penalties to victims trying to recover their businesses?

@adamshostack I would like it to be illegal for insurance companies to pay ransoms. The market is giant and lucrative because of the amount of money flowing in via these companies. Threat actors' playbooks involve finding the cyber insurance policy after the initial access and extorting them for the amount of coverage in the policy. The cost to pay a ransom is distributed to everyone who buys cyber insurance in the form of the six-figure insurance premiums everyone pays up front. This model is creating massive financial incentives for cybercrime that didn't exist anywhere near this scale until cyber insurance made it possible for every business to be a multimillion-dollar jackpot for hackers.