According to a panel of security professionals, corporate boards, cybersecurity professionals, insurance companies and government bodies are all reviewing their security policies and risk management procedures.

We’ve recently collaborated with Mimecast on two whitepapers on the topic of “Ransomware”. This type of cyber-attack has been around for a long time, however with the change in peoples lifestyles and working environments, has resulted in an increased amount of ransomware attacks across multiple industry sectors, especially healthcare, local government and the education sectors.

WHAT IS A RANSOMWARE ATTACK?

A ransomware cyber-attack occurs when malicious software is used to deny a user or business access to a computer system or data. This can be detrimental to a company or organisation and in some cases terminal. Therefore, being aware of this potentially happening to you will put you in a better position than you are in already if you haven’t got any protection in place for a ransomware attack.

Companies that fall victim find themselves in an impossible situation. No one wants to pay—preventing ransomware altogether is the goal—but many feel they have no choice. Even worse, there are no guarantees. In recent research from Mimecast, 61% of respondents to an annual State of Email Security 2021 survey said they had experienced a ransomware attack in the

last 12 months. Of those respondents, 52% paid the ransomware, but over a third never recovered their data.

Read Mimecast’s 10 ways in which to prevent a ransomware attack here.

DO YOU EVER PAY A RANSOM?

The big question on everyone’s lips is “to pay or not to pay”. For the larger organisations this is becoming a growing concern, as in certain circumstances it can be more financially beneficial to pay a ransom than it is to sacrifice the asset/threat the cyber-attack has against you.

The reality is that organisations across the globe need to develop a ransomware payment policy, anticipating a potential future attack. It is never advisable to pay ransoms, however businesses should seek legal counsel, recommendations from your cyber insurance providers, advise from law enforcement before making any final determination as to the appropriate course of action.

 

Read Mimecast’s whitepaper ‘To Pay or Not To Pay’ here.

More posts