In the event of a ransomware attack, how likely is your company to pay a ransom if it meant avoiding the leak of company data or significant business disruption?

Very likely8%

Somewhat likely53%

Not very likely19%

Not at all likely17%



2.7k views4 Comments

Senior Information Security Manager in Software, 501 - 1,000 employees
Ransomware is simply an attack against a firm's backup capabilities.

Those that have a good backup/restore capability in place can recovery rather easily.

Those that don’t – have to pay the ransom.
Associate Vice President, Information Technology & CISO in Education, 1,001 - 5,000 employees
The challenge is less about restoration and more about extortion from exfiltration... If data has been stolen, the hard decision making process comes in.

This is when an organization will really be put to the test, depending on what customer / corporate data they hold, the sensitivity of it, and the risk to brand / recognition or legal ramifications.

Never an easy decision making process, but having a solid incident response plan and playbooks and your executive team prepped (simulated crisis) is the way to go.
IT Regional Manager - Senior Consultant - Technical Writer - Blogger in Software, 5,001 - 10,000 employees
I saw this scenario in a couple of companies, and usually pay is not an option. but as we said before if data has been stolen, the hard decision making process comes in.

Pay not give for sure a solution either. Check backup process and test those process are critical. I saw entires datacenters colapsed, and many with good backup process and software fail. Ransomware is and will be a problem that is not near to end, we need to continue improving process but also educate users.
Strategic Banking IT advisor in Banking, 10,001+ employees
I agree with Roberto.   At first, we could be in denial and as long as nothing happened, we could say that we will never pay for this.

All of the sudden, the day you got hit, after exploring all options, you might end up with only 1 option:to pay.   

On our side, this is part of our DR and business continuity plan.   And of course, whether the organization would agree to pay or not, is not disclosed to everyone since it's very sensitive.   

However, it's a good example of 'Hope for the best, Plan for the worst'.

Content you might like

The data19%

The people46%

The processes25%

The policies7%

I wish I knew4%


6k views7 Upvotes6 Comments

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
39.8k views130 Upvotes318 Comments

Community User in Software, 11 - 50 employees

organized a virtual escape room via - even though his team lost it was a fun subtitue for just a "virtual happy hour"
Read More Comments
6.3k views25 Upvotes58 Comments