Pay or Not to Pay?
Any cybersecurity professional would urge you not to pay the ransom, as this would only encourage the attackers to continue targeting your organization. However, many organizations that are affected by ransomware find themselves wanting to solve the problem as quickly as possible and start weighing the price of the ransom against the value of the data that is encrypted. While organizations initially say they wouldn’t pay the ransom, the majority will.
Leaders at organizations across the globe are witnessing the alarming rise of ransomware threats, leaving them with the sobering thought that an attack on their business may not be a matter of if, but when.
The stakes are becoming higher. Hackers aren’t just demanding money; they’re threatening to reveal sensitive or valuable information if companies don’t pay up.
Performing a Risk Assessment will help you understand whether you might have to pay a ransom, or it might show that by restoring data you may only have a minimal loss.
Here is a quick example:
As part of a Risk Assessment, you ask about your backups and backup tests. Your backup engineer tells you they test backups all the time on a periodic basis. The next question is what was tested. Was a full restore of all data sets tested? Remember, this is probably going to be a rebuild. The response about the restore tests and the kinds of tests done will be part of the calculations needed to understand whether you have to pay the ransom.
If your restores are going to take a few days, you may decide that restoring is what you will be doing.
Remember, paying a ransom will take a few days. Then decrypting the data may also take a few more. This all depends on the size of your data sets.
This is where a Risk Assessment comes in to help quantify your decisions.