Would You Pay a Cyber-Extortionist?

Organizations that have suffereda ransomware attack before are more likely to pay up again, and keep mum about it too, according to a ThreatTrack study. Overall, 30 percent of enterprises surveyed said they would negotiate with cybercriminals for the safe recovery of stolen or encrypted data. In companies that had been victims of cyber-extortionists before, that number jumped to 55 percent.

Eighty-six percent of respondents believed that other organizations have negotiated with cyber criminals, and 23 percent (43 percent of previous victims) said enterprises should start budgeting money for the purpose of paying ransoms. Fifty-nine percent of all respondents say cyber insurance providers should hire professional negotiators to liaise between victim organizations and criminals.

Most opposed to the idea of paying ransoms were healthcare enterprises (92 percent against) and financial services (80 percent against). Respondents in retail and telecom sectors were most concerned about their reputation with consumers should an attacker choose to publish stolen data if the company refused to pay.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.