As an IT Professional and key voice in managing the ever-growing risks to your organization’s data, you probably have a number. Everybody’s got a number. The number represents the amount of money you would pay to simply make a problem go away. It’s a combination of risk/reward calculus and cost of doing business. How does that math change, though, when hackers hold your data for ransom?
Hollywood Presbyterian Medical Center in Los Angeles has a number. According to a recent Washington Post article, their number was $17,000, payable in Bitcoin, and they paid it readily to get their data back. This is a hospital with 500 doctors and over $200 million in annual revenue, so $17,000 may not seem like a hardship. Given the same scenario and math, you might even make the same call. Everybody’s got a number.
While we grow increasingly dependent on the system, malicious software is generated at the astounding rate of nine new threats per second, from the very simple to the very complex. The cost of recovering breached records and lost revenue is only going up. Not everyone or everything is entirely trustworthy in the ether.
Should you reward the hackers who intentionally keep the ransom low, knowing that if they set it too high, you’ll seek out the moral high ground? Keep it low, and they make it very tempting math. And they’ve got very little skin in the game, so every Bitcoin is gravy.
As you look ahead, let ICS help you do the math. We keep the numbers low and expectations high, and that about sums it up.