{"id":8252,"date":"2026-05-25T07:00:00","date_gmt":"2026-05-25T07:00:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=8252"},"modified":"2026-05-25T07:00:00","modified_gmt":"2026-05-25T07:00:00","slug":"to-pay-or-not-to-pay-58-of-cisos-say-they-would-pay-the-ransom-for-their-data","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=8252","title":{"rendered":"To pay, or not to pay: 58% of CISOs say they would pay the ransom for their data"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>If you were hit by ransomware tomorrow, would you pay to get your data back? That\u2019s what more than half of CISOs in a recent survey said their organization would do.<\/p>\n<p>It\u2019s a situation more companies are going to face in future. \u201cAttacks are increasing and continuing to increase,\u201d said <a href=\"https:\/\/www.linkedin.com\/in\/christywyatt\/\" target=\"_blank\" rel=\"noopener\">Christy Wyatt<\/a>, CEO of security vendor Absolute Software, which commissioned the survey. \u201cCompanies are better prepared to deal with them: Some of the training is paying off and AI is helping. But remember that attackers have all the tools that defenders have.\u201d<\/p>\n<p>In the <a href=\"https:\/\/go.absolute.com\/rs\/258-HSL-350\/images\/eb-the-resilient-ciso-ransomware-reality.pdf\" target=\"_blank\" rel=\"noopener\">survey<\/a> of 750 CISOs in the US and UK, 58% said their organization would be willing to pay to end a ransomware incident.<\/p>\n<p>This flies in the face of advice from the authorities in both countries. 
\u201cIt is the UK government\u2019s long-standing position, alongside law enforcement partners, that it does not encourage, endorse nor condone the payment of ransom demands,\u201d said a spokeswoman for the UK National Cyber Security Centre.<\/p>\n<p>The FBI, too, warns not to give in to ransomware demands, noting that paying only encourages the perpetrators to attack others.<\/p>\n<p>Another reason law enforcers advise enterprises not to pay is that there is no guarantee they will get their data back if they do.<\/p>\n<p>Given the risks, and the disapproval of law enforcement, how many of those CISOs who say they are willing to pay would do so if it came to the crunch?<\/p>\n<p>It\u2019s hard to get firm statistics because of the perceived stigma, but the evidence suggests a significant number do so.<\/p>\n<p>Among those companies hit by ransomware, 37% paid the ransom, according to an <a href=\"https:\/\/my.idc.com\/getdoc.jsp?containerId=US53744025\" target=\"_blank\" rel=\"noopener\">IDC survey last year<\/a>, but IDC research director for security services <a href=\"https:\/\/www.linkedin.com\/in\/daveclemente\/\" target=\"_blank\" rel=\"noopener\">David Clemente<\/a> suspects the proportion is higher. 
\u201cI\u2019m sure that there are many more who have paid it but don\u2019t want to be open about it,\u201d he said.<\/p>\n<p>That wasn\u2019t the end of things for all who paid the ransom, though: about 5% of them found that \u201cthe decryption was incomplete,\u201d according to IDC.<\/p>\n<p>A late 2025 survey from insurance provider Hiscox found that only <a href=\"https:\/\/www.csoonline.com\/article\/4077484\/ransomware-recovery-perils-40-of-paying-victims-still-lose-their-data.html\">60% of SMEs that paid a ransom successfully recovered all or part of their data<\/a> as a result.<\/p>\n<p>Absolute\u2019s Wyatt warned, \u201cYou may get your data back, you may not.\u201d And if you do get your data back, that doesn\u2019t mean you\u2019re the only one who has it: \u201cWe have heard instances of companies paying up and finding that their credentials are being shared,\u201d she said.<\/p>\n<p>So, does that mean enterprises shouldn\u2019t pay the ransom?<\/p>\n<p>IDC looked at that and found that companies that had planned for such attacks would be able to resist \u2014 but with ill effects. \u201cAbout 29 percent of companies were able to recover encrypted files from backup,\u201d said Clemente. \u201cHowever, 33% of companies that didn\u2019t pay found that they could not recover anything.\u201d<\/p>\n<p>UK retailer M&amp;S didn\u2019t pay up when it was hit by ransomware in April 2025, disrupting internal logistics systems and forcing it to close its online store for months. 
It estimated the cost of the incident at <a href=\"https:\/\/www.cio.com\/article\/3992446\/ms-says-it-will-respond-to-april-cyberattack-by-accelerating-digital-transformation-plans.html\">$400 million in lost operating profit<\/a>.<\/p>\n<p>The <a href=\"https:\/\/www.csoonline.com\/article\/3488842\/to-pay-or-not-to-pay-cisos-weigh-in-on-the-ransomware-dilemma.html\">ransomware payment dilemma<\/a> remains an issue for CISOs, but the lesson M&amp;S may point to is that, if a ransomware attack happens, your best bet may be to pay the ransom unless you have confidence in the quality and robustness of your backup. Government and law enforcement may not like it, but they won\u2019t be the ones facing the wrath of shareholders.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>If you were hit by ransomware tomorrow, would you pay to get your data back? That\u2019s what more than half of CISOs in a recent survey said their organization would do. It\u2019s a situation more companies are going to face in future. 
\u201cAttacks are increasing and continuing to increase,\u201d said Christy Wyatt, CEO of security [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":8253,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-8252","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8252"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8252"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8252\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/8253"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}