Would You Pay a Cyber-Extortionist?

Organizations that have suffereda ransomware attack before are more likely to pay up again, and keep mum about it too, according to a ThreatTrack study. Overall, 30 percent of enterprises surveyed said they would negotiate with cybercriminals for the safe recovery of stolen or encrypted data. In companies that had been victims of cyber-extortionists before, that number jumped to 55 percent.

Eighty-six percent of respondents believed that other organizations have negotiated with cyber criminals, and 23 percent (43 percent of previous victims) said enterprises should start budgeting money for the purpose of paying ransoms. Fifty-nine percent of all respondents say cyber insurance providers should hire professional negotiators to liaise between victim organizations and criminals.

Most opposed to the idea of paying ransoms were healthcare enterprises (92 percent against) and financial services (80 percent against). Respondents in retail and telecom sectors were most concerned about their reputation with consumers should an attacker choose to publish stolen data if the company refused to pay.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.