The Economics of Ransomware Payments: Decision Factors, Outcomes, and Market Dynamics

Threats & Vulnerabilities2024Journal of Cybersecurity

ByJulian Calvo, Ed.D., MBA, M.S.2024

APA Citation

Collins, J. et al. (2024). The Economics of Ransomware Payments: Decision Factors, Outcomes, and Market Dynamics. *Journal of Cybersecurity*. https://doi.org/10.1093/cybsec/tyae048

View original paper →

Research Disclaimer: This is an original summary written by DecipherU for educational purposes. We do not host or reproduce the original paper. Verify findings directly from the cited source before making career decisions.

What Did This Cybersecurity Research Find?

This cybersecurity threat economics study analyzed 500 ransomware incidents to map the payment decision process, actual recovery outcomes, and downstream market effects. Cybersecurity teams that paid ransoms recovered full data in only 65% of cases, and organizations that paid were 2.8x more likely to be targeted again within 12 months, supporting the law enforcement position that payment perpetuates the ransomware economy.

Key Findings

1Only 65% of organizations that paid ransoms recovered all their data
2Paying organizations were 2.8x more likely to be targeted again within 12 months
3Median ransom payment was $275,000 for mid-market organizations in 2024
4Total incident cost (including recovery) averaged 5x the ransom amount paid
5Organizations with tested offline backups recovered without payment 91% of the time

How Does This Apply to Cybersecurity Careers?

Incident responders can present evidence-based guidance during ransomware negotiations. Security leaders can make informed decisions about ransomware response policies and insurance.

Who Should Read This?

mid careerseniormanagement

Frequently Asked Questions

What did this cybersecurity research find?

How is this research relevant to cybersecurity careers?

Incident responders can present evidence-based guidance during ransomware negotiations. Security leaders can make informed decisions about ransomware response policies and insurance.

Where was this cybersecurity research published?

This study was published in Journal of Cybersecurity in 2024. The DOI is 10.1093/cybsec/tyae048. Access the original paper through the publisher link above.

Sources

Last verified: 2026-04-01Report an inaccuracy

Explore Related Cybersecurity Resources

Career GuidesCybersecurity career guidesSee how this research applies to specific roles LawsCybersecurity laws and regulationsExplore the regulatory context behind this research GlossaryCybersecurity glossaryLook up technical terms from this study Q&ACybersecurity career questions and answersFind practical answers informed by research

Was this page helpful?

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

Get Cybersecurity Career Intelligence

Weekly insights on threats, job trends, and career growth.

Unsubscribe anytime. More options

The Economics of Ransomware Payments: Decision Factors, Outcomes, and Market Dynamics

APA Citation

Collins, J. et al. (2024). The Economics of Ransomware Payments: Decision Factors, Outcomes, and Market Dynamics. *Journal of Cybersecurity*. https://doi.org/10.1093/cybsec/tyae048

View original paper →

What Did This Cybersecurity Research Find?

Key Findings

1Only 65% of organizations that paid ransoms recovered all their data
2Paying organizations were 2.8x more likely to be targeted again within 12 months
3Median ransom payment was $275,000 for mid-market organizations in 2024
4Total incident cost (including recovery) averaged 5x the ransom amount paid
5Organizations with tested offline backups recovered without payment 91% of the time

How Does This Apply to Cybersecurity Careers?

Incident responders can present evidence-based guidance during ransomware negotiations. Security leaders can make informed decisions about ransomware response policies and insurance.

Who Should Read This?

mid careerseniormanagement

Frequently Asked Questions

What did this cybersecurity research find?

How is this research relevant to cybersecurity careers?

Incident responders can present evidence-based guidance during ransomware negotiations. Security leaders can make informed decisions about ransomware response policies and insurance.

Where was this cybersecurity research published?

This study was published in Journal of Cybersecurity in 2024. The DOI is 10.1093/cybsec/tyae048. Access the original paper through the publisher link above.

Was this page helpful?

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

Get Cybersecurity Career Intelligence

Weekly insights on threats, job trends, and career growth.

Unsubscribe anytime. More options