Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity & Business Resilience

Not your grandmother’s ransomware

By Jamie Singer
Not your grandmother's ransomware
May 24, 2021

It’s no secret that ransomware is an acute threat facing organizations across sectors. From storied corporate institutions to small businesses, no organization is immune. Up until recently, companies could adopt a linear approach to the “pay or no pay” question around ransomware threats. Primary considerations focused on the impact of the operational disruption, the viability of backups vs. the need for a decryption key, and the scope of cyber insurance coverage.

However, the significant shifts we are witnessing in today’s ransomware landscape and threat actor tactics are putting increased pressure on organizational leadership to re-evaluate not only their decision-making process around ransom payments, but also how they mitigate reputational risk surrounding these issues.

These significant shifts in ransomware include:

  1. Increase in data exfiltration. Data exfiltration now occurs in approximately half of ransomware attacks, often involving data breach notification requirements and reputation management considerations that accompany public disclosure.

 

  1. Prevalence of leak sites. A growing number of threat actor groups – Conti, Egregor, Maze, etc. – have created public leak sites to pressure companies to pay or otherwise risk having their data posted in a public display of “naming and shaming,” which can be reputationally damaging.

 

  1. Regulatory and industry influence on payment decisions. In October 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) warned U.S. organizations, including insurance providers, of potential “sanction risks” for facilitating ransom payments to threat actors. In addition, New York State Department of Financial Services (NYDFS) issued guidance in February 2021 to the insurance industry recommending against ransomware payments because they “fuel the vicious cycle of ransomware.”

 

  1. Unreliability of threat actor promises. Several threat actor groups – including Sodinokibi – have been known to fall back on their promises around data leaks and/or re-extort companies even after receiving an initial payment.

 

  1. New extortion tactics. In the last few months, we continue to see threat actors evolve their tactics to involve double-extortion strategies including DDoS attacks and voice calls to media and victims’ business partners.

Best-practice incident response preparedness must extend beyond a single or simple tool or solution.

Organizations should adopt a comprehensive approach to building ransomware resilience by incorporating the following:

  1. Risk assessments and mitigations across multiple layers of security. Organizations should proactively assess their risks by performing enterprise-wide gap analyses not only of their data security practices, but also across the organization’s personnel and physical security infrastructure to best protect against both internal and external threats.

 

  1. Pre-established relationships and resources. The middle of a ransomware attack is a sub-optimal time to inquire about critical external partners and resources. In advance of an issue, it’s important that companies explore cyber insurance coverage, as well as establish relationships with external cyber law firms and strategic communications partners. By building familiarity with these teams, policies and processes on the front end, companies will spend less time working to establish this rhythm in the midst of a crisis.

 

  1. Employee education and internal awareness building. Organizations should invest in proactive education, awareness building and training for their employees around critical data security risks to both mitigate risk and better prepare their organizations for how to identify and escalate issues. It’s also important to remind employees about media and social media policies as a regular course of internal communications to limit the risk of public leaks during a ransomware event.

 

  1. Scenario-based incident response plans. Incident response preparedness that is highly focused on scenario-based communications plans is critical to mitigate reputational risks. Best-practice incident response communications plans for ransomware should contain strategic communications considerations, stakeholder engagement considerations and communications materials across key ransomware scenarios – including prolonged operational disruption and data leak/exfiltration. For publicly traded companies in particular, it is important to pre-identify criteria and guidance for potential financial disclosures.

 

  1. Training and tabletop exercises for leadership teams. The best-laid plans can often go to waste if they are left to collect dust. Tabletop exercises, trainings and crisis simulation exercises for incident response teams and C-suite decision makers are imperative for identifying gaps in preparedness and for building muscle memory for effectively responding to ransomware threats.

There is every indication that ransomware threats will continue to increase in velocity and impact, and stakeholders will expect that organizations have plans in place to address these issues. It is incumbent upon senior security leadership to invest the time now to thoughtfully prepare their organizations to address and mitigate the operational, legal, financial and reputational risks associated with this increasingly complex and, in many ways, inevitable threat. 

KEYWORDS: cyber security cybersecurity defense cybersecurity preparedness ransomware reputation security reputational risks

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jamie Singer is Executive Vice President and Director of Data Security, Privacy and Crisis Communications at Resolute CyberStrategies. A nationally respected crisis communications advisor, Singer led one of the largest cybersecurity practices in the U.S. She is recognized for her exceptional ability to strategically lead clients through the complexity of a high-impact crisis in a challenging environment with a critical eye on reputation management and responsive crisis communications. Singer has counseled Fortune 500 companies and public sector organizations through some of the biggest reputational crises of the past decade, ranging from large-scale cyberattacks to workplace violence to litigation issues.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Rolled bills

    To pay or not to pay? Negotiating in the age of ransomware

    See More
  • A first-hand account of one CISO's response to ransomware

    A first-hand account of ransomware: To pay or not to pay

    See More
  • data privacy

    How a culture of privacy can help protect your business from ransomware

    See More

Related Products

See More Products
  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • databasehacker

    The Database Hacker's Handboo

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing