What Businesses Should Be Doing Instead Of Buying More Tech

A year after law enforcement paraded the takedown of LockBit as a victory for cybersecurity, the harsh reality has set in: ransomware didn’t retreat - it metastasised. The criminals didn’t stop; they just got smarter. Now, with operations like Ghost infiltrating networks in over 70 countries, the threat is more pervasive than ever.

And despite the billions blown on shiny cybersecurity tools, AI-powered dashboards, and employee awareness campaigns, companies are still getting breached - and still paying ransoms.

Why? Because the industry has been peddling a lie: that buying the new shiny thing will be the silver bullet and keep the wolves at bay.

The Illusion Of Security

The industry’s obsession with shiny new tools is misguided. The truth is that the silver-tongued salespeople and their skilled marketers have lied to their customers. They’ve given them a false sense of security that if they buy this single new product, nothing bad will happen.

The failure of this product-centric approach is plain to see. Breaches continue to dominate headlines, and many of those affected have done everything the “experts” told them to: they trained their staff, bought the most expensive backup solutions, installed the highest-rated endpoint protection. Still, they found themselves in negotiations with criminals, trying to rescue their stolen or encrypted data.

So, what’s the answer? The only way to build real protection is to shift the mindset - from defence through products to resilience through visibility.

Visibility Is The New Cybersecurity Gold

Our approach is rooted in visibility and continuous monitoring. When we know what we have, we know how it behaves - and we know when something is going wrong. Without visibility, we’re guessing. We’re assuming we’re okay.

This is a brutal truth many business leaders don’t want to hear: spending on security without understanding your environment is like buying a state-of-the-art alarm system and leaving your doors open. No tools or training can replace situational awareness and real-time visibility across your entire digital infrastructure.

Rather than hoping to keep criminals out altogether - a near impossibility today - companies must assume compromise and have controls that are resilient and provide the visibility to respond effectively when something goes wrong.

Ban The Ransom? Good Luck

The debate over whether ransomware payments should be made illegal is intensifying. The logic is sound on paper: banning payments would make ransomware less profitable, removing the incentive for attacks. But the real world doesn’t operate according to whiteboard logic.

Yes. Paying a ransom should be illegal. It’s an easy answer. Because when there is a law that makes something illegal, everybody then stops doing it. Right?

The real issue is that a law banning ransom payments won’t stop cybercrime - it will only make the consequences for victims worse. Businesses under siege often face an impossible choice: break the law or lose everything. And in the face of losing their business, their livelihood, and their ability to support employees and families, many will choose survival.

Criminalising payments could drive incidents further underground. We already suffer from a lack of reporting and transparency. Banning payments will force good people to break the law just to survive.

Building A Living Incident Response Plan

If banning ransoms isn’t the answer, what is? Preparation - specifically, a comprehensive, continually updated incident response (IR) plan created in partnership with experienced cybersecurity professionals. This starts with a full inventory of assets, a realistic assessment of risks (both internal and external), and an understanding that not all breaches are created equal.

A compromised standard user account is one thing. A compromised CEO account is a whole different world. Your IR plan must reflect this complexity. It should be flexible, scenario-based, and regularly revised - not a static “Bible,” but a living document.

The worst time to discover your plan is outdated is during an active breach. Every incident, whether large or small, should feed back into the IR plan, strengthening it for the future. It will never be finished. But it can always be better.

The Real Path Forward

The era of buying your way to security is over. Ransomware has evolved, and the business world must evolve with it. While flashy tools have their place, they are only effective when used within a broader strategy that prioritises visibility, resilience, and continual improvement.

We are never going to stop cybercriminals from being criminals. But we can ensure resilience to deliver real security and protection. The goal isn’t to eliminate risk entirely - that’s impossible. The goal is to detect it early, respond effectively, and bounce back stronger. That’s not something you can buy off the shelf. But it is something you can build.

John Mc Loughlin is CEO of J2 Software

Image: Ideogram
