To pay, or not to pay, that is the question... Should I pay the ransom?

Ransomware is a serious concern for businesses, and not only for information security or technology leaders. It has the potential to cripple an organization, resulting in material impact to the business. Business leaders need to plan proactively for how they will deal with a ransomware event.

The FBI provides security leaders a guide, "How to Protect Your Networks from Ransomware". The pamphlet provides the following guidance regarding the paying of a ransom: “USG does not encourage paying a ransom to criminal actors. However, after systems have been compromised, whether to pay a ransom is a serious decision, requiring the evaluation of all options to protect shareholders, employees, and customers. Victims will want to evaluate the technical feasibility, timeliness, and cost of restarting systems from backup.” So, paying the ransom is discouraged, but whether or not to pay remains a business decision. The best time to make that decision is not after the systems are compromised; it should be made before a successful ransomware attack.

Organizations should develop playbooks that guide their actions during a ransomware event. Response activities should focus on the most likely events, the most dangerous events, and feasible scenarios between these two extremes. Development of these scenarios should be based on current threat information and consider important business data and operations. Using a risk-based approach, security leaders can work with business leaders to determine when the business is willing to pay a ransom and how much it is willing to pay. At a recent CISO event, a peer recommended having a secure system in place that can obtain and transfer Bitcoins as required. This is great advice and should also be considered.

Prior planning will assist in the response and recovery from a ransomware event. Deliberate and thoughtful assessment of payment options in a planning session is preferred over having to make these decisions during a stressful crisis. While a true crisis may not perfectly match the evaluated scenarios, the playbooks will still serve as a guide regarding organizational appetite for risk.

Michael Falato

GTM Expert! I produce over 40 leads per month for my clients! 25 years of Sales Experience, Lead Gen Automation, Air Force Veteran, Brazilian Jiu Jitsu Black Belt, Muay Thai, Saxophonist, Scuba Diver

6mo

Paul, thanks for sharing! Any good events coming up for you or your team? I am hosting a live monthly roundtable every first Wednesday at 11am EST to trade tips and tricks on how to build effective revenue strategies. I would love to have you be one of my special guests! We will review topics such as: -LinkedIn Automation: Using Groups and Events as anchors -Email Automation: How to safely send thousands of emails and what the new Google and Yahoo mail limitations mean -How to use thought leadership and MasterMind events to drive top-of-funnel -Content Creation: What drives meetings to be booked, how to use ChatGPT and Gemini effectively Please join us by using this link to register: https://www.eventbrite.com/e/monthly-roundtablemastermind-revenue-generation-tips-and-tactics-tickets-1236618492199

Karl A L Smith

Fractional or Interim Design and Innovation Leadership | HCM, Transformation and Governance | ISO37000 | Entrepreneur, Futurist & Thought Leader | EU & UK Citizen | AI CX Customer Agility Framework ™ | Agile World ®

6y

I’ve had quite a few of these, I tend to back trace the people involved and make their digital experience unpleasant.
