Ransomware —

The Governance and Compliance Advantage

Over the past five years, the McGrathNicol Cyber team has tracked the increasing sophistication and evolution of the ransomware model. The tactics are changing, and so too are attitudes towards reporting and ransom payments. Here, we outline key findings and trends for the financial services sector.

Governance requirements, particularly around anti-money laundering and terrorist financing, create additional complexity for financial services leaders when responding to a cyber attack.

Financial services organisations demonstrate a sophisticated governance approach to ransomware risk, with 91% having formal board notification protocols in place compared to 80% overall. This governance maturity translates into a competitive advantage and more strategic decision-making in payment decisions. However, the sector’s regulatory environment adds further complexity for leaders.