Supply chain related firms are the number 1 target of ransomware groups

For most companies, it won't. In fact, most companies that offer cyber insurance are so ignorant they don't even realize that passwords are extremely poor for security and should be replaced by passkeys. However nobody in the insurance sector actually knows what a passkey is.

It's actually because of insurance that this happens. Insurance can create a moral crisis when insurance, for high risk endeavors, is offered and does not have reasonable qualifications. This creates a moral crisis, where companies feel fine about divesting in mitigation.

Cybersecuritysanity.com

This is so terrible. In fact, it's terrorism. It's an attack against the UK, the US and every other NATO state. This can be stopped, but the primary problem (At least in the US) is the existence of poorly qualified cyber insurance, causing a massive moral crisis.

The thing is we can defend against this. The primary cause of cyber attacks, currently, is a lack of economic incentive to defend ourselves. This is the direct result of cyber insurance. Fix cyber insurance and you fix the problem.

No it does not, but I get how that illusion exists. It's not the technology itself. It's a regulatory vacuum that causes companies to implement it poorly. The primary reason is cyber insurance.

It is like this: Cars don't cause accidents, but drunk driving does. If insurance encouraged drunk.

Such a terrible shame. I have been trying so hard to fight the problem of ransomware. The problem is that cyber insurance has been so corrupt that they have made it impossible to win this war.

This is a real shame. Ransomware is always preventable but companies have had their incentives to do better at ransomware prevention undermined by poorly implemented cyber insurance.