Some interesting commentary in that piece. Bennett's comment "This isn’t push one button, pay $500 and you’ve got a solution" I think is something cybersecurity professionals have been preaching for decades. Security is a cultural attribute, like quality or hospitality. You can't buy it.
I think the larger problem is we have yet to legally sort out liability for cyberattacks. If manufacturers (software, IoT, etc.) were sued for malpractice and but a single case decided in favor of a plaintiff, then you'd see a massive change in thinking. Similarly, if a health provider is frozen by ransomware, the board of that organization should be subject to investigation, much as would happen if some institutional fraud occurred. What we are dealing with in cyberattacks is not an act of God, nature, or even (in most cases) ingenuity. What we are dealing with is corporate negligence, a failure to protect against relatively simple, well-known attacks, that are becoming more and more automated.
Something that Bennet says that I think is wrong is about older folks being especially susceptible to cyber scams due to their unfamiliarity with technology. I think as has been borne out in other studies (FBI, etc.), older folks tend to be more skeptical or alert to potential scams than young folks whose thumbs move faster than their brains.
Cyber criminals have packaged ransomware and other malware tools into as-a-service offerings so easy to use that even rank novices will be launching devastating cyber attacks during 2023 at almost no cost, a new assessment of the threat landscape has warned.Cyber criminals were also successfully refining their techniques for ‘living off the land’, in which they use legitimate and unsuspicious network tools to evade network security monitors and plant malware.