Following the leak of details of ransom negotiations between Royal Mail and ransomware group LockBit:

David Bicknell, Principal Analyst in the Thematic Intelligence team at GlobalData, offers his view:

“It is rare for the details of ransomware negotiations to find their way into the public domain. Those responsible for company cyber breach plans must learn lessons from them.

“Instead of negotiations being opaque, companies now have an unexpected insight into how ransomware groups’ minds work and how a negotiation might play out. They can also plan for the extent of a ransomware demand. LockBit demanded a ransom figure Royal Mail could not countenance paying. No-one will reasonably expect a company board to authorize a ransom payment of $80 million, unless the accountants said it was necessary to safeguard the business’s future.

“Boards must understand that ransomware could be a potential wrecking ball to their business. The time to develop an anti-ransomware strategy and enlist the help of cyber experts is before an attack happens.”