Considering we have seen an onslaught of attacks targeting various nation states around the world, it is certainly good to see the Australian government taking ransomware seriously. What this regulation may do is dissuade organisations from paying the ransom. Interestingly, recent research has found that 66% of IT and security leaders believe that paying ransom should be made illegal.
Regulations such as this one may be one of the ways to make organisations think twice before they pay the ransom, and before further regulations, such as making ransomware payments illegal, are considered.
However, regulations only go so far. The onus should always be on technology that actually prevents ransomware attacks, rather than mitigating them once they have already taken hold. Organisations need to invest in solutions that use technology such as deep learning, which can deliver a sub-20 millisecond response time to stop a ransomware attack, pre-execution, before it can take hold. This is the only way that organisations can truly stop ransomware attacks, and therefore avoid having to pay ransom.