Most ransomware attacks are opportunistic, and at the end of the day, cybercriminals do not discriminate. When breached, companies can (and should!) leverage the expertise of teams trained to guide you through the situation. The decision to pay out a ransomware gang is not quick and straight-forward, but rather multi-layered, and dependent on how each attack’s circumstances meet essential criteria of this ‘engagement protocol checklist’ The best defensive measures you can implement are: training all employees to spot phishing emails, two-factor authentication across all supported systems, investing in offline backups that are segmented and regularly tested.
Source: https://www.helpnetsecurity.com/2021/06/28/ransomware-negotiations/