7 Ways to Connect Ransomware and Data Protection to Your Bottom Line


Data and ransomware protection is critical to combating the rising rate of cybercrime against our complex IT infrastructures. But getting buy-in for the initiative isn’t always easy. How do you get decision makers to see beyond the sticker price and consider the value ransomware and data protection bring to the business?

Here are seven ways to drive home the importance of ransomware and data protection for those in your organization who are hyper-focused on the company’s bottom line.

Hit Them with Some Stats

Facts are hard to ignore. You can help decision makers understand the threat ransomware poses to your business’s operations and its bottom line by presenting real data from reputable sources. For example, telling the CIO that “ransomware is bad” doesn’t have the same impact as telling them that “TechRepublic reported ransomware attacks against businesses were up 365 percent in 2019.”

While you have their attention, throw in some recent examples of high-profile ransomware events, such as the September 2020 attack on French shipping container giant CMA CGM or the October 2020 attack that affected every Universal Health Services facility in the United States.

Don’t Get Bogged Down in Technical Details

The company decision makers aren’t always on the technical side of the house, so steer away from tech jargon and focus on business objectives. Be prepared to discuss how ransomware will impact business continuity and how your company’s operations and revenue will be affected by downtime.

Communicate probable bottom-line impacts, such as ransom demands, lost data and revenue, damage to the company’s reputation, regulatory fines, and employee productivity coming to a screeching halt.

Make It Personal

It’s important to discuss both the immediate effects and the ongoing repercussions of a successful ransomware event to illustrate the direct and indirect impact of an attack on the company. 

Start by creating a hypothetical ransomware scenario with your organization at the center. Pull together estimates based on real company data to show how much money your organization will lose after a minute, an hour, a day, or a week of downtime caused by a ransomware attack.

Provide links to studies that examine ransomware’s influence on consumer loyalty and purchasing decisions. Then use your company’s actual numbers to calculate the bottom-line impact if 28 percent of your customers walked away following a single ransomware-related service disruption. 

Frame the Initiative as a Competitive Advantage

Once decision makers understand how ransomware negatively impacts customer loyalty, it’s time to demonstrate how ransomware protection creates a competitive advantage.

Consumers value the security of their data and are willing to pay more for peace of mind. They are also willing to jump ship to a competitor if they don’t feel like their data is adequately protected. 

Explain to the decision makers how you can use this knowledge to create a safe space for your customers (and your competitors’ customers) by implementing a comprehensive ransomware protection strategy.

Pitch the Brand, Not the Product

Most decision makers don’t want to hear about the features and technical specs of the solution you are recommending. However, they care very much about the strength of a brand’s reputation, so talk about that.

Gather testimonials and instances of industry recognition that highlight the solution’s brand power so you are prepared to discuss not only the product but also who stands behind the product. (Bonus points if you can find out which of your competitors are using particular brands for better or for worse.)

Keep It Short and Sweet

Company decision makers are normally strapped for time, so keep your pitch high-level. Provide short, easily digestible resources, such as this one-pager: “Lose My Trust. Lose My Business.” Keep your presentation succinct so you can disseminate the highest-value information during whatever time you have. 

Find a Champion Who Can Talk Tech

Before you set a meeting with decision makers to discuss a ransomware protection initiative, recruit someone in the organization with both technical expertise and business knowledge to back you up. 

Getting the director of IT or the CIO on board first will give you an advocate who can help shift the conversation from the cost of investment to the business value and ROI.

It doesn’t take an economist to know that cyberattacks are bad for business. Yet sometimes it seems to take a Herculean effort to get buy-in from leadership for a ransomware and data protection initiative.

Understanding how to frame the conversation with company decision makers is the first step in getting to “Yes,” so hit them where it counts: the bottom line. 

The seven tips discussed above are a great starting point to get everyone on board with a ransomware and data protection strategy. For additional talking points, download Ransomware's Stunning Impact on Consumer Loyalty and Purchasing Behavior, and show up prepared with facts and figures that illustrate how ransomware affects the company’s financial outlook.