Melissa Hathaway is globally recognized as a thought leader in the fields of cybersecurity and digital risk management and has relationships with the highest levels of governments and international institutions. She served in two U.S. presidential administrations, spearheading the Cyberspace Policy Review for President Barack Obama and leading the Comprehensive National Cybersecurity Initiative (CNCI) for President George W. Bush. She received the National Intelligence Reform Medal, September 2009 and the National Intelligence Meritorious Unit Citation, December 2011 for her leadership. As President of Hathaway Global Strategies, Melissa brings a unique combination of policy and technical expertise, as well as board room experience that allows her to help clients better understand the intersection of government policy, developing technological and industry trends, and economic drivers that impact acquisition and business development strategies in this field. Ms. Hathaway has a B.A. degree from The American University in Washington, D.C. She has completed graduate studies in international economics and technology transfer policy, and is a graduate of the US Armed Forces Staff College, with a special certificate in Information Operations. She publishes regularly on cybersecurity matters affecting companies and countries. Most of her articles can be found here.
By this expert
Ransomware gangs have been causing extensive damage. It’s time that the government takes them more seriously.
Featuring this expert
Melissa Hathaway joined NPR to discuss cybersecurity and the growing threat of ransomware attacks.
“Ransomware demands have increased exponentially in the last six months, according to Melissa Hathaway, president of Hathaway Global Strategies and a former cybersecurity adviser to Presidents George W. Bush and Barack Obama. The average ransom demand is now between $50 million and $70 million, Hathaway said. While those demands are often negotiated down, she said companies are frequently paying ransoms in the tens of millions of dollars, in part because cyber insurance policies cover some or all of the cost. She estimated that the average payment is between $10 million and $15 million.” — Kartikay Mehrotra and William Turton, Bloomberg
“[T]he U.S. Department of Justice should determine and make clear that paying a ransom is illegal,” Hathaway said in an article posted May 13 by the Institute for New Economic Thinking. “This step would likely force organizations to further invest in their security and ability to withstand and recover from an incident (i.e., increase their resilience). Categorizing ransom payment as an illegal activity would also clearly remove coverage for these types of payments from insurance policies,” Hathaway wrote.” — Charlie Mitchell, Inside Cybersecurity