Ransomware

Freedom of information request details

FOI request date:

Service: Corporate

The following information was requested:

1. In the past three years has your organisation:

a. Had any ransomware incidents?

b. Had any data rendered permanently inaccessible by a ransomware incident

c. Had any data rendered permanently inaccessible by a systems or equipment failure?

d. Paid a ransom due to a ransomware incident / to obtain a decryption key or tool?

e. Used a free decryption key or tool?

f. Had a formal policy on ransomware payment?

g. Held meetings where policy on paying ransomware was discussed?

h. Paid consultancy fees for malware, ransomware, or system intrusion investigation?

i. Used existing support contracts for malware, ransomware, or system intrusion investigation?

j. Requested central government support for malware, ransomware, or system intrusion investigation?

k. Paid for data recovery services?

l. Used existing contracts for data recovery services?

m. Replaced IT infrastructure such as servers that have been compromised by malware?

n. Replaced IT endpoints such as PCs, Laptops, Mobile devices that have been compromised by malware?

o. Lost data due to portable electronic devices being mislaid, lost or destroyed?

2. Does your organisation use a cloud based office suite system such as Google Workspace?

3. Is an offsite data back-up a system in place for the following?

4. Are the services in question 3 backed up by a single system or are multiple systems used?

5. Do you have a cloud migration strategy? If so is there specific budget allocated to this?

6. How many Software as a Services (SaaS) applications are in place within your organisation?

 

Page last updated on: