I would suggest that we start with the safe harbour legislation. Make it easier for organizations that have been attacked, through any of the methods, to not just report that they were attacked but to tell the world what happened. That creates transparency on the threat and helps other organizations. Echoing what Michael was saying, it's a team sport. If we are telling each other what has happened and how people got into our systems, it will prevent further attacks.
I think that is the easiest thing to do, the safe harbour legislation.
On the cryptocurrency side, you would have to really speak with the banks to find out. There is no transparency on cryptocurrency. That's the nature of it. Who has been paid what, by whom and when is very difficult to speak to.