To Pay or Not Pay the Ransom
Let’s say you did not perform the first step of backing up and testing your data, and your data is held ransom. Do you pay to get it back? See the most recent advisory from the US Department of Treasury noting potential sanctions. There has been an increase in ransomware demands since COVID and this sometimes encourage future ransomware payment demands.
“Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, not only encourage future ransomware payment demands but also may risk violating OFAC regulations.”
https://home.treasury.gov/system/files/126/ofac_ransomware_advisory_10012020_1.pdf
As part of cybersecurity awareness month CLA hosted three webinars where ransomware and other topics were discuss under: 1) ‘Data Breaches – Mitigation and Response Strategies‘, 2) ‘Risks and Trends in Cybersecurity and Fraud‘, and 3) ‘Purple Network Eaters – Live IT Security Attack and Defense‘ . Please see the recording and PowerPoint below:
https://www.claconnect.com/events/2020/cybersecurity-webinar-series-10-27-2020
https://www.claconnect.com/events/2020/cybersecurity-webinar-series-10-13-2020
https://www.claconnect.com/events/2020/cybersecurity-webinar-series-10-20-2020
Kadian currently works with the Information Security Services Group as well as higher education group providing compliance services, outsourcing and co-sourcing engagements and information security assessments.
Comments are closed.