As reported by the UK's National Cyber Security Centre (NCSC), the threat posed by ransomware is evolving.

Within security, we frequently talk about the CIA triad - confidentiality, integrity and availability - and until recently many businesses failed to consider the impact to availability of being locked out of their own data.  A gap that ransomware exploited by encrypting your files with military-grade algorithms and then demanding payment.

Previously organisations prepared for these attacks, simply ignored the ransom demand while restoring from backups.  However, attackers are now threatening to post stolen information online - exposing organisations to regulatory fines, loss of IP, reputational damage and more.

These attacks are becoming more sophisticated with attackers spending weeks or more inside corporate networks before finally deploying ransomware, timed to achieve the greatest impact.

The NCSC has practical advice on protecting your organisation from the next attack and mitigating the impact.  With limited budgets and resources, the approach should be risk-based - targeting your most vulnerable systems - while showing a return on investment for the board.