When it comes to ransomware conventional wisdom says you should never pay. Often, however, the reality is not as simple as that. If the data cannot be retrieved from your backup solution or if the encrypted information is business critical the company may have little choice but to shell out. According to Kaspersky more than one-in-three organisations pays up. Unfortunately for them that’s not necessarily the end of the story.