The true toll of a cybersecurity incident is not felt during the attack, it may take a business weeks, months or even years to truly recover. Criminals are constantly updating their attack tools and focusing on different targets they believe are vulnerable. In many cases, organisations may elect to pay the ransom but that is not necessarily the end of the problems. When 500 machines are hit, the decryption process to recover those systems often means entering a separate key to each machine. This can create a resourcing nightmare as organisations scramble to identify and agree on which systems need to come back online first.”]