Battling ransomware expenses and compliance concern

Ransomware attacks have emerged as a prominent cyber threat that organisations must confront in the present day. Immediate operational disruption and long-term legal and compliance challenges are the two dangers posed by such attacks.

The average cost of ransom has increased by 13% in just six months, to over USD 258’000, according to the State of Ransomware 2022 report by cybersecurity company BlackFog. Nevertheless, the true economic ramifications transcend the ransom. The average cost of a data breach, as estimated by IBM’s 2023 Cost of a Data Breach Report, is USD 4.54 million. This figure takes into consideration reputational damage and downtime.

Regulatory penalties have the potential to significantly increase these expenses beyond the scope of the attack. Fines under the GDPR may reach 4% of the annual global turnover of a company, or EUR 20 million. California privacy laws permit plaintiffs to recover damages ranging from USD 100 to USD 750 per person per incident. High-risk sectors like healthcare and finance face additional regulatory layers. Companies risk reputational harm in addition to financial repercussions. Regulatory inquiries may engender adverse media attention and undermine public confidence, particularly when industry-specific governing bodies are implicated.

Considering these expenses and compliance concerns, it is imperative that organisations reduce their susceptibility to severe ransomware attacks and data breaches. This requires a proactive strategy to proactively address the issue. In a recently published article, Darren Williams thus proposes adopting a proactive stance and presents the most important data protection measures for compliance.

These are the upcoming dates for our Annual General Meetings:

Thursday, 21 March 2024
Thursday, 20 March 2025