Too often we read news articles about counties and cities that have been hit by ransomware. In many of these instances, public safety has also been affected. These local governments and agencies must face a difficult decision: "Should we pay the ransom?" This topic of “paying the cyber-criminal’s extortion demands” has not been given a very deep analysis, especially considering the impact of these attacks. As part of a good Incident Response Plan, this topic should be addressed in advance of the emotion surrounding a cyber-crisis.
Key questions that need to be asked and answered:
- Can you trust the hacker to provide the encryption keys?
- What are the possible good reasons for paying the ransom?
- Will paying really reduce costs or speed up recovery?
- What “unintended consequences” might result?
- How does cyber-insurance influence the decision-making process?
In this on-demand webinar, we debate this topic and provide multiple perspectives: law enforcement, cybersecurity, cost-benefit, public relations, speed-of-recovery and others. Though there may not be a hard-and-fast answer, we will discuss the parameters to consider, making it easier to rationally address the issue in advance of any cyber incident. Public Safety Agencies are experts at “being prepared” – we encourage you to join us and make this another facet of your preparation, improving the cybersecurity posture of your public safety agency.