Preparing for the Next Generation of Ransomware Attacks
Overview
When a ransomware attack happens, it forces many organizations to make a difficult choice—pay the ransom or experience prolonged business or data loss. But there is also another complication for organizations to consider—the government regulators warning companies that payments made to ransomware attackers may constitute violations of U.S. sanctions. Further complicating matters is the move by many organizations to cloud storage. When moving data to the cloud, an organization still retains liability for that data in the eyes of the law. To diminish the regulatory liability related to that data’s security or availability, businesses must ensure they have strong contractual protections to address those scenarios.