In this sobering tale, a harrowing ransomware attack unfolds, leaving an organization paralyzed and facing a daunting decision. With critical data encrypted and backups compromised, the organization finds itself in a dire predicament, highlighting the sobering realities of cyber threats and the importance of proactive cybersecurity measures.



Here is the verbatim discussion:

It was um like about a let's just say I'm not going to give you too many details but the story makes sense as I go through this like it was about a five million dollar requests they had they had they had encrypted all their data they had no access to anything their backups were were were encrypted they they had not done a good job of separating their backups and and they and they hadn't done a good job of a lot of people have backups but they have they don't test the backups and so the Bad actors get in and they actually encrypted the backups as well so they were kind of you know up GRE um they didn't want to pay they didn't want to pay they had cyber insurance and the and in the US the Cyber insurance company said look they came in they were this it's your decision it's always.



Ransomware Attack Fallout:

The organization grapples with the aftermath of a devastating ransomware attack, where cybercriminals encrypt vital data, rendering it inaccessible.

Despite having backups in place, the lack of proper segregation and testing renders them equally vulnerable to encryption, exacerbating the organization's predicament.

Dilemma of Payment:

Faced with the demand for a hefty ransom, the organization weighs the decision to pay against the reluctance to capitulate to cybercriminal demands.

The existence of cyber insurance adds another layer of complexity, with the insurer deferring the decision to the organization, highlighting the ethical and financial implications at stake.

Lessons Learned:

The narrative underscores the critical importance of robust cybersecurity practices, including regular backup testing, network segmentation, and employee training, in mitigating the impact of ransomware attacks.

Organizations must proactively assess their cybersecurity posture, identify vulnerabilities, and implement effective risk mitigation strategies to safeguard against evolving cyber threats.



The $5 million ransomware dilemma serves as a cautionary tale for organizations worldwide, underscoring the devastating consequences of inadequate cybersecurity measures. By investing in proactive cybersecurity measures, including robust backup procedures, network segmentation, and employee training, organizations can fortify their defenses against ransomware attacks and mitigate potential damages. As cyber threats continue to evolve in sophistication and scale, prioritizing cybersecurity readiness is paramount, ensuring organizations can effectively detect, respond to, and recover from cyber incidents with resilience and confidence.




Dan Lohrmann is an esteemed cybersecurity expert and Field Chief Information Security Officer (CISO) for Presidio, celebrated for his impactful career across both public and private sectors. With beginnings at the National Security Agency and roles at Lockheed Martin and ManTech, he has been recognized as CSO of the Year among other accolades. Dan is also a prolific author and speaker, sharing insights on cybersecurity and technology modernization through his award-winning blog and publications.

Bikash Barai
is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.

Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to the cloud. 


E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

RSAC Meetup Banner

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)