Cooperative Spectrum Sensing (CSS) was envisioned to improve the reliability of spectrum sensing process in cognitive radio networks. However, CSS is prone to security threats that degrade the overall performance. A popular attack in CSS is called spectrum sensing data falsification (SSDF) attack. In SSDF attack, a malicious user sends false spectrum sensing results to the fusion center, which significantly degrades detection accuracy and energy efficiency. In this paper, an attacker-punishment policy is proposed. The proposed policy is based on relating the scheduling probability for each user to its sensing performance, representing a punishment for attackers and a reward for honest users. The proposed policy includes identifying attackers, ignoring their reported results, and assigning a proper scheduling probability to each user. Two different approaches are presented to accomplish the proposed policy, namely, Majority-based Assessment and Delivery-based Assessment. Simulation results show that the proposed policy improves the individual energy efficiency of the honest CUs, and degrades the energy efficiency of the attackers.