The Financial Services Information Sharing and Analysis Center today published a guide to help financial institutions guard themselves against ransomware attacks. The guide, published in partnership with cloud services provider Akamai, focuses on ransomware mitigation best practices, incident response and crisis management, consideration for paying ransoms and resources for further study.

In 2024, roughly 65% of financial organizations reported having dealt with ransomware-related issues, according to FS-ISAC. “Ransomware is one of the few threats that can truly disable a financial services institution. Increasingly innovative, aggressive and frequent, ransomware attacks can disrupt customer services, halt business operations, and damage the institution’s standing with customers and regulators.”

FS-ISAC said it does not recommend that financial institutions make ransomware payments as the money funds further criminal activities. While the organization acknowledged the decision requires an evaluation of all options by stakeholders, it noted there are significant risks with making payments, such as the victims not getting access to her data even after the ransom is paid.