In the event of a ransomware attack, how likely is your company to pay a ransom if it meant avoiding the leak of company data or significant business disruption?
Very likely8%
Somewhat likely53%
Not very likely19%
Not at all likely17%
Unsure2%
633 PARTICIPANTS
Associate Vice President, Information Technology & CISO in Education, 1,001 - 5,000 employees
The challenge is less about restoration and more about extortion from exfiltration... If data has been stolen, the hard decision making process comes in.This is when an organization will really be put to the test, depending on what customer / corporate data they hold, the sensitivity of it, and the risk to brand / recognition or legal ramifications.
Never an easy decision making process, but having a solid incident response plan and playbooks and your executive team prepped (simulated crisis) is the way to go.
IT Regional Manager - Senior Consultant - Technical Writer - Blogger in Software, 5,001 - 10,000 employees
I saw this scenario in a couple of companies, and usually pay is not an option. but as we said before if data has been stolen, the hard decision making process comes in.Pay not give for sure a solution either. Check backup process and test those process are critical. I saw entires datacenters colapsed, and many with good backup process and software fail. Ransomware is and will be a problem that is not near to end, we need to continue improving process but also educate users.
Strategic Banking IT advisor in Banking, 10,001+ employees
I agree with Roberto. At first, we could be in denial and as long as nothing happened, we could say that we will never pay for this.All of the sudden, the day you got hit, after exploring all options, you might end up with only 1 option:to pay.
On our side, this is part of our DR and business continuity plan. And of course, whether the organization would agree to pay or not, is not disclosed to everyone since it's very sensitive.
However, it's a good example of 'Hope for the best, Plan for the worst'.
Content you might like
The data19%
The people46%
The processes25%
The policies7%
I wish I knew4%
381 PARTICIPANTS
Control required by law.67%
Business recommendations.32%
536 PARTICIPANTS
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.Community User in Software, 11 - 50 employees
organized a virtual escape room via https://www.puzzlebreak.us/ - even though his team lost it was a fun subtitue for just a "virtual happy hour"
Those that have a good backup/restore capability in place can recovery rather easily.
Those that don’t – have to pay the ransom.
https://engineering.tapad.com/ransomware-why-its-so-easy-and-makes-so-much-economic-sense-e6bdc6fe29d9