
Ransomware: Over Half of CISOs Would Consider Paying Ransom to Hackers
Why It Matters
Ransom payments erode cyber‑risk mitigation strategies and can embolden attackers, while prolonged downtime threatens revenue and reputation. Understanding CISO attitudes helps firms prioritize resilience over reactive payouts.
Key Takeaways
- 58% of CISOs say they'd consider paying ransomware ransom
- US CISOs more likely to pay (63%) than UK counterparts (47%)
- Downtime recovery often exceeds 24 hours; 57% need up to a week
- Confidence gap: 83% trust quick recovery, yet most need days
- Report urges building resilient infrastructure to avoid ransom payments
Pulse Analysis
Ransomware remains a top‑tier threat for enterprises, with attackers leveraging increasingly sophisticated encryption tools and, more recently, AI‑generated payloads. The financial lure of a quick payout can appear attractive when a breach cripples critical systems, but regulators in the U.S. and Europe are tightening legal frameworks that penalize ransom payments. Companies therefore face a paradox: the need to restore operations swiftly versus the risk of funding criminal enterprises and violating compliance mandates.
The Absolute Security survey provides a granular view of this dilemma. U.S. CISOs show a higher propensity to pay, likely reflecting larger attack surfaces and tighter profit pressures, while U.K. leaders cite GDPR complexities and legal uncertainty as deterrents. Notably, 57% of respondents who experienced an attack required up to a week to recover, and no organization restored services within 24 hours. This disparity between perceived readiness (83% confidence) and actual recovery timelines underscores a systemic resilience gap that attackers can exploit.
For boardrooms and security teams, the takeaway is clear: investing in robust backup architectures, automated restoration processes, and AI‑enhanced detection can reduce the perceived need for ransom payments. Governance frameworks should embed clear decision‑making protocols that weigh legal exposure against operational loss. As cyber‑criminals adopt AI to accelerate encryption and extortion, organizations that prioritize proactive resilience will not only protect their bottom line but also diminish the profitability of ransomware as a business model.