It’s the kind of note that grabs you by the shirt and doesn’t let go: “All of your files are stolen and encrypted.”
The next thing you read is the extortion demand: pay up, or else.
In this scenario, your organization has a limited amount of time to ask a series of critical questions before making the ultimate choice. Are you defined as critical infrastructure? Is personal identifiable information at risk? Answers to those questions as well as others will lead to other questions, all of which will contribute to the ultimate question: Do you pay the ransom or not.
Click here to download the five-step decision-making tree to support your organization's efforts to first, identify gaps that could influence response to a ransomware attack; and second, understand some of the implications of a ransom payment for organizations.