“Although guidance is not to pay, desperate decisions are made in desperate times”
Rob Pooley, Co-Founder, Seapio Solutions
What would you advise customers who are hit by a ransomware attack in 2024? Are there any circumstances where they should consider paying the ransom?
In the event of ransomware, I’d like to think Saepio customers would refer to their cyber incident response plan and follow a well-rehearsed incident management procedure helping them recover with minimal impact and no ransom payment.
The reality is many organisations are not well enough prepared for critical cyber incidents and although guidance is not to pay, desperate decisions are made in desperate times. The percentage of victims that pay remains shockingly high, however it is reducing due to increased awareness of double extortion tactics from the criminals, more sanctions on making payments and clear guidance from insurers, legal professionals and consultants like Saepio to recover promptly without paying. Our message is ‘be prepared, not scared’.
Will advancements in AI help or hinder ransomware levels, and in general do you expect ransomware attacks to continue increasing?
AI is helping the defenders just as much as the attackers. There are many AI native solutions that Saepio help our customers implement and operationalise to out innovate their attackers. The National Cyber Security Centre produced a report earlier this year highlighting that AI will change the cyber threat level, enabling attackers to precisely and quickly compromise victims.
We very much expect ransomware incidents to increase in frequency and impact, especially hurting organisations that have not simulated their response plan and fail to embrace modern AI fuelled solutions to detect and contain attacks.
Is there a silver bullet you recommend to customers to prevent, or at least minimise the chance of, being hit?
There is no silver bullet, but the closest I can think is CEO and board investment into cyber resilience. Every organisation should understand their level of cyber risk and have a plan to rightsize their resilience to attacks like ransomware. This involves more than deploying modern technology like EDR, email security and immutable back ups. It involves good cyber incident response processes, a culture of security awareness across all staff, robust supply chain risk management and good relationships with specialist partners providing best practice guidance.
To pay or not to pay? What does Daisy Corporate Services COO Lyndsey Charlton believe? See next page for more…
