Abstract

Ransomware has emerged as one of the most pervasive and damaging cyber threats in recent years, posing a significant challenge to individuals, businesses, and governments worldwide (IBM Security, 2023). The firms face the loss of money and reputation, business disruption, and breach of customer trust. Hence, it becomes imperative to prioritize ransomware risk mitigation and integrate it into the business strategy for effective implementation. There are multiple options available to invest in, but managers often face the challenge of ascertaining which mitigation strategies the organization should invest in and to what extent. Our study addresses this dilemma by looking for the allocation of investments in different cybersecurity measures based on the firm’s risk-severity profile and risk appetite.

Share

COinS