Unless you’ve been living under a rock, you know that ransomware is one of the most common and most lucrative cybersecurity rackets today. But despite all the press, ransomware is massively under-reported because companies don’t want bad press. And in most cases, unless it can be proven that data was actually stolen, companies are under no legal obligation to inform the data subjects (you) of these hacks. In part one of my interview with Renee Dudley from ProPublica, we’ll discuss the current state of the ransomware problem and the emergence of cyber insurance and incident response companies to deal with the threat and recover from attacks. And we’ll also see that not all players are above board about what they do.

Renee Dudley is a tech reporter at ProPublica. Before joining ProPublica in 2018, she was a member of the enterprise team at Reuters, where she reported extensively on issues with college-entrance exams. Before joining Reuters in 2015, she worked as a reporter in New York for Bloomberg News and in South Carolina for The (Charleston) Post and Courier and The (Hilton Head) Island Packet. At Bloomberg, she uncovered questionable accounting and unauthorized sales practices at Walmart Inc. In Charleston, her reporting led to the indictment and resignation of South Carolina’s most powerful politician. She received the Society of Professional Journalists’ Pulliam Award in 2010 for her work upholding First Amendment rights while reporting for The Island Packet.