Although their tune changes significantly if their own data is compromised in an attack.
This is according to a new report by Veritas Technologies. Based on a poll of 2,000 consumers in the UK, 80 per cent believe businesses should stand up to hackers who demand money and should refuse to pay the ransom. However, if it’s their data businesses are negotiating over, then they believe organisations should pay roughly $860 per user entry.
Furthermore, two thirds (68 per cent) believe they should be personally compensated in case the business fails to retrieve the stolen/encrypted data.
“Whilst it may initially seem like businesses can’t win regardless of whether they pay or not, they are actually getting a clear message from consumers: people want their providers to escape the dilemma of whether to pay, or not to pay, by avoiding the situation in the first place,” commented Simon Jelley, VP product management at Veritas Technologies.
“Our research shows that, if businesses want to please their customers, they need to prepare for an attack and be ready to recover from it – so, if the worst happens, they have tried-and-tested recovery procedures in place and there’s no need to pay out.”
In the early days of ransomware, businesses were advised not to pay, but instead to keep a fresh backup at all times and educate their employees not to click on shady links or download email attachments from suspicious messages.
However, since criminals started leaking the stolen data as well, law enforcement agencies started advising businesses to pay the ransom instead.