In this digital age, the data held by an organisation can be one of its most important commodities. Threat actors (also known as malicious actors) recognise this and as such, cyberattacks have been on the rise. In particular, ransomware attacks have increased in frequency – studies have found that more than three-quarters of UK businesses were affected by ransomware in 2021. This is to be expected, not least because an organisation can still experience significant disruption, even where it is not the target of a ransomware incident (for example, it could be that an organisation further up or down the supply chain may have been affected).
So what should a company do when their data is being held captive? Should they submit to the demands of the threat actor and simply pay? Or should they refuse to back down, on moral grounds (amongst other things)?