Ransomware Experts Agree: Don't Buy Data Deletion PromisesAlso: UK's Data Commissioner Gets Tough; New Efforts to Combat Ransomware Attacks
The latest edition of the ISMG Security Report discusses why it is always a bad idea for organizations to pay hackers for data deletion, practical steps organizations can and should take to avoid being at the heart of a data subject complaint, and the latest efforts to tackle the ransomware threat.
In this report, you'll hear (click on player beneath image to listen):
- ISMG's Mathew Schwartz explain why organizations that fall victim to a ransomware attack should never pay attackers for a promise to immediately delete the stolen data. Chances are, the data will be sold or leaked even if you do pay.
- Edward Machin of law firm Ropes & Gray, offer advice on how to avoid being at the heart of a data subject complaint - following a surprise move by Britain's Information Commissioner's Office to publish a register of data breaches and individual complaints.
- Cybersecurity veteran Jen Ellis discuss recent efforts to battle ransomware, including a new project taken on by think tank RUSI.
The ISMG Security Report appears weekly on this and other ISMG websites. Don't miss the Dec. 8 and Dec. 15 editions, which respectively discuss the mistakes enterprises commonly make when building ransomware defenses and how prosecutors accuse FTX's founder of crypto-based "deception."