Because “we’ll just restore from backup” isn’t always that simple.
Imagine this: you come into work one morning, switch on your computer, and instead of your usual dashboard, you see a big red screen that says your files are encrypted. There’s a countdown clock and a demand: Pay EUR 50,000 in Bitcoin or lose everything.
No emails. No files. No access to customer data, invoices, or even your calendar.
This isn’t the plot of a bad TV drama. This is ransomware, and it’s one of the fastest-growing threats facing businesses today. But don’t worry: by the end of this article, you’ll know what it is, how it works, and what questions to ask to keep your business out of the headlines.
What is ransomware, exactly?
Ransomware is a type of malicious software (malware) that locks or scrambles your files and systems, and then demands a ransom payment to unlock them.
It’s like a digital version of someone changing all the locks in your office, then slipping a note under the door saying, “Pay us, or you’ll never get back in.”
But unlike traditional break-ins, ransomware is usually silent until it’s too late – no broken windows, no alarms, just a screen full of bad news.
How does it get in?
Usually through people, and through gaps in everyday IT hygiene – the same routes most cyber attacks take:
- Someone clicks on a dodgy link in an email
- Someone opens an innocent-looking attachment
- Someone unknowingly visits a compromised website
- Someone reuses a password that has already been stolen, and there is no MFA on the account
- A server or remote-access system is left unpatched against a vulnerability that is already public
The malware then installs itself quietly. In most modern attacks the criminals spend days or weeks inside the network before they trigger the encryption: mapping your systems, stealing copies of sensitive data and finding (and deleting) your backups, so that when the locks finally go on, the damage is as large as possible.
What happens next?
Typically, a ransom note appears on screen demanding payment in cryptocurrency (because it’s harder to trace). The hackers might threaten to:
- Permanently delete your data
- Leak sensitive information online
- Or increase the ransom if you delay
Paying doesn’t guarantee anything. Some criminals do hand over a working decryption tool; others take the money and vanish, or supply a tool so slow and unreliable that recovery takes weeks anyway. If your data was stolen before it was encrypted, paying does not get it back – you are simply trusting a criminal’s promise to delete it. Paying also marks you as a soft target, and in some jurisdictions paying a sanctioned group can itself be unlawful.
Why should leaders care?
Because ransomware doesn’t just affect the IT department: it paralyses your entire operation.
- No access to systems means no sales, service, or communication
- Regulatory penalties may follow if customer data is exposed
- Your brand and customer trust can take a serious hit
- Recovery – even with backups – can be painfully slow and expensive
It’s not just a technical issue. It’s a business continuity issue. And like insurance or emergency exits, you don’t want to think about it after the fact.
What can you do to protect your business?
You don’t need to install antivirus software yourself, but you do need to lead from the top. Here are the key areas to focus on:
1. Backups: Your lifeline
Make sure your systems are backed up regularly, and that at least one copy is kept offline or immutable, so that an attacker who has gained administrator access cannot encrypt or delete the backups along with everything else. A good backup is your best defence – but only if you can actually restore from it, which is why restores have to be tested rather than assumed.
Ask your IT team: “Are our backups automatic, tested regularly, and stored offline?”
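The only honest answer to that question comes from actually restoring. The script below is an added example, not part of the original article: it builds a small backup of constructed sample files, records a SHA-256 manifest while the data is known-good, then restores each archive into a scratch directory and checks every file against that manifest. Three scenarios are run: a healthy backup, a backup taken after one file had already been overwritten with ciphertext, and an archive truncated by a storage fault even though the backup job appeared to succeed. The file names, contents and archive layout are all made up for the example; a real restore test would point at the organisation’s own backup set and keep the manifest with the offline copy.

```python
import hashlib
import secrets
import tarfile
import tempfile
from pathlib import Path

# Constructed sample data standing in for a small business file share (not real data).
CONSTRUCTED_FILES = {
    "invoices/2024-q1.csv": b"id,amount\n1,100\n2,250\n",
    "customers.db": b"customer record bytes " * 64,
    "calendar.ics": b"BEGIN:VCALENDAR\nEND:VCALENDAR\n",
}


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def write_files(root: Path, files: dict) -> None:
    for rel, data in files.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(data)


def build_manifest(root: Path) -> dict:
    """Relative path -> SHA-256, recorded while the data is known-good."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def create_backup(source: Path, archive: Path) -> None:
    with tarfile.open(archive, "w:gz") as tar:
        for p in sorted(source.rglob("*")):
            if p.is_file():
                tar.add(str(p), arcname=p.relative_to(source).as_posix())


def restore_test(archive: Path, manifest: dict) -> list:
    """Restore into a scratch directory and verify every file against the manifest.
    Returns a list of findings; an empty list means the backup is usable."""
    findings = []
    with tempfile.TemporaryDirectory() as scratch:
        restore_dir = Path(scratch).resolve()
        try:
            with tarfile.open(archive, "r:gz") as tar:
                for member in tar.getmembers():
                    if not member.isfile():
                        continue
                    dest = (restore_dir / member.name).resolve()
                    # Refuse entries that would write outside the restore directory.
                    if not dest.is_relative_to(restore_dir):
                        findings.append(f"unsafe path in archive: {member.name}")
                        continue
                    dest.parent.mkdir(parents=True, exist_ok=True)
                    with tar.extractfile(member) as src, dest.open("wb") as out:
                        out.write(src.read())
        except Exception as exc:  # any failure to read the archive is a failed restore
            findings.append(f"restore failed: {type(exc).__name__}: {exc}")
            return findings
        for rel, expected in manifest.items():
            restored = restore_dir / rel
            if not restored.is_file():
                findings.append(f"missing after restore: {rel}")
            elif sha256_file(restored) != expected:
                findings.append(f"content mismatch (corrupt or encrypted): {rel}")
    return findings


def run_scenarios() -> dict:
    """Good backup, backup taken after encryption began, and a truncated archive."""
    results = {}
    with tempfile.TemporaryDirectory() as work:
        work = Path(work)
        source = work / "share"
        write_files(source, CONSTRUCTED_FILES)
        manifest = build_manifest(source)  # in practice, stored with the offline copy

        good = work / "good.tar.gz"
        create_backup(source, good)
        results["good"] = restore_test(good, manifest)

        # Simulated ransomware: one file is overwritten with random bytes before the next run.
        (source / "customers.db").write_bytes(secrets.token_bytes(1600))
        encrypted = work / "after_encryption.tar.gz"
        create_backup(source, encrypted)
        results["encrypted"] = restore_test(encrypted, manifest)

        # Simulated storage fault: the archive exists but half of it is gone.
        truncated = work / "truncated.tar.gz"
        data = good.read_bytes()
        truncated.write_bytes(data[: len(data) // 2])
        results["truncated"] = restore_test(truncated, manifest)
    return results


if __name__ == "__main__":
    for name, findings in run_scenarios().items():
        print(f"{name}: {'OK' if not findings else findings}")
```

The point of the three scenarios is that a backup job reporting “success” proves nothing: the second archive was written perfectly and still contains ciphertext, and the third is useless despite existing on disk. Only a restore plus a content check against a manifest taken from known-good data catches both.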
2. Staff Awareness: Your human firewall
Many ransomware attacks start with a single click. Training staff to spot phishing emails and suspicious links, and making it easy and blame-free to report a mistake the moment it happens, can stop an attack before it starts – or at least shorten it, because the sooner IT knows, the less time the criminals have inside your network.
Ask your IT team: “Do we run phishing awareness training and simulate attacks?”
3. Patching and Updates: No more digital gaps
Unpatched systems are like open windows in a storm. Most ransomware exploits vulnerabilities that were already public, with fixes already available, by the time the attack happened. Regularly updating software, operating systems and security tools – prioritising anything reachable from the internet, such as remote access and email systems – closes those gaps.
Ask your IT team: “Are all our systems kept up to date, and how often do we review that?”
4. Incident Response Plan: What’s the plan?
If ransomware does strike, your team should know exactly what to do, rather than inventing it on the day. Who takes charge? Who isolates affected systems and preserves evidence? Who calls the IT provider, the insurers and the police? Who notifies customers or regulators, and by when?
Ask your team: “Do we have a ransomware playbook, and has it been tested?”
5. Multi-Factor Authentication (MFA): Make life harder for hackers
Even if a password is stolen, MFA can block access to your systems. Think of it as the digital equivalent of needing both a key and a fingerprint to get in. Not all MFA is equal, though: app- or hardware-based methods resist phishing far better than codes sent by SMS, and staff should be told never to approve a login prompt they did not trigger themselves.
Ask your IT team: “Do we use MFA for all critical systems, especially email, cloud storage, and admin accounts?”
In short…
Ransomware isn’t going away. If anything, it’s becoming more frequent, more targeted, and more expensive to fix. But the good news? You don’t need to be a tech expert to build strong defences – you just need to ask the right questions and support the right culture.
It’s about preparation, not paranoia. And when it comes to ransomware, the best way to avoid paying the ransom is to never give the criminals the chance.
So the next time someone says, “We’ll just restore from backup,” smile politely and ask when they last tested that backup.
We are pleased to offer WYSE Travel Confederation members these options to increase your cybersecurity and protect your organisation’s data.