Fortunately, up until now our clients have had a zero negotiation policy when it comes negotiating with cyber-terrorists. These criminals hold people’s data and network for ransom instead of kidnapping people. Our current negotiation policy is to have a valid backup and be 100% confident it is working everyday.
I know from being in the trenches it takes steady professional human involvement to be 100% confident. Even then a frequent stress test is important to really prove everything in the system works when it is called upon.
We have probably seen 15 times now when our clients data has been almost 100% completely gone unless the ransom is paid. Not once have we asked our clients to open a bitcoin account to pay the terrorist.
When the FBI’s official position is to pay the ransom, the University of Calgary pays the ransom and other really big organizations pay the ransom it is reassuring we have kept our clients from that position.
It turns out terrorism is a good business. This concept has been so lucrative instead of being shut down since appearing over 18 months ago the types of threats are increasing in severity and cost to go free. If this continues it will likely increase the cost of insurance because when data is lost someone is going to pay. If the client has an IT contractor I’m pretty sure the client won’t feel like they are the one who needs to pay….
I believe end user training, disciplined security procedures, and a great backup are all a part of preventing a digital ‘kidnapping’. Technology can also play a great role in prevention. If you have a sense of uneasiness about the security of your data perhaps we should talk.
Working with the team here at pcit there is always that little sense of question everytime we hear a breach occurred. Everyone wants to reach Bernhard, our backup specialist, right away to confirm everything is ok. Once we hear everything is ok calm then ensues. We go on with the restore, the removal of the infection and everyone else goes back to work knowing the resolution is at hand. Another digital heist prevented with no ransom paid and fortunately no lost data.