Protecting Your Dance Company’s Business Assets

Trends in Ransomware for Non-Profits



By Rob Rosenzweig

At some point, any business could be faced with a malicious ransomware attack no matter its size. As cyber criminals grow more sophisticated, ransomware attacks are becoming more destructive year after year, the cost to companies in remediation, lost revenues, business interruption, and reputation is steadily on the rise. And non-profit dance organizations aren’t immune to these attacks.

Some trends have started to emerge in the past year.

Ransomware is on the rise. By far, ransomware is the fastest growing cybercrime we’re seeing. In fact, 2017 could be called the year of the mega ransomware attack. WannaCry, which essentially crippled the U.K.’s National Health Service computer systems, forcing hospital closures and cancellations of critical appointments and surgeries.

A month later, NotPetya became the most destructive global ransomware attack to date, costing more than $2 billion in a single quarter in business interruption to companies across Europe. Originating in the Ukraine, the attackers targeted companies including Maersk, Merck & Co., DHL, FedEx and multinational law firm DLA Piper, to name a few. The shipping line Maersk alone estimated between $200 million and $300 million in lost revenues during the attack.

Had the same ransomware hit systems in the United States, the cost would have been significantly higher. But it’s not just large, multinational corporations that are feeling the impact of ransomware attacks. Enterprises across all industries, geographies and sizes are being targeted. Arts and dance organizations are not immune. Think about what might happen if your school or online ticket sales were compromised or if you could not access your computer systems and reach your constituents.

Higher demands. Another trend we’re seeing in ransomware is that extortion fees are going up. A couple years ago, ransoms were routinely in the range of thousands of dollars. Today, those demands generally run into six- and high-seven-figures, which must be paid in bitcoin and other digital currencies.

Whether or not a company should pay the extortion fee depends on how good their controls were prior to the attack. If a company has robust daily back-ups to restore its system, and the cost of remediation is less than the ransom demands, then there might be no reason to pay.

Additionally, there’s no guarantee of honor amongst thieves in cybercrime. In other words, even if you pay the extortion fee, your data will not necessarily be restored uncorrupted. It’s important to hire experienced vendors who investigate ransomware incidents. They will most likely be able to recognize whether it’s a legitimate claim, or if paying the ransom only marks you as an easy target for future attacks.

More destructive malware. As cyber criminals fine tune their skills, the malware they’re creating is growing increasingly destructive in nature. Older forms of malware operated by simply locking companies out of their data. If a company didn’t pay the ransom, then it risked losing the data forever. Today’s malware has taken destruction to a whole new level, infecting not only a company’s data, but the hardware on the systems.

For example, when the international law firm DLA Piper was hit in the NotPetya attack, it wasn’t just the firm’s digital data that was compromised – its hardware was corrupted as well. Piper attorneys all over the world were told to unplug their devices, phones and laptops while the company bought new ones.

Fortunately, another trend has emerged. Cyber insurance is becoming more affordable and accessible than ever before. Media attention to cyber events in the past year or so has helped drive market demand of cyber insurance. Today, even if you’re a mid-sized or smaller dance company or presenter, cyber insurance is affordable, accessible and covers more damages related to cyberattacks than ever before. Insurance products can cover the costs of business interruption, remediation, and even the expense of replacing hardware. This is a crucial consideration for  dance companies to plan for as average Ransomware costs can exceed $230,000 and an overall breach can exceed $596,000, which can be crippling for any organization regardless of size.

Dance/USA would like to thank DeWitt Stern a Risk Strategies Company for their generous support. For more information on the risks of malware and how dance and arts organizations can protect themselves against cyberattacks, please visit their website.

Robert H. Rosenzweig, RPLU, is a senior vice president and the National Cyber Risk Practice Leader at Risk Strategies. In this role Rob oversees all of the firm’s cyber professionals and works directly with the firm’s clients and prospects on creating comprehensive and customized coverage for their data security, privacy, and errors and omissions exposures. Rob is also responsible for coordinating the firm’s overall cyber strategy nationally. A published writer and frequent interview subject on cyber-liability topics, he also has participated on panels and led seminars on a variety of related topics. Rob currently holds a designation as a registered professional liability underwriter and he received his BA in government and economics from Hamilton College.


We accept submissions on topics relevant to the field: advocacy, artistic issues, arts policy, community building, development, employment, engagement, touring, and other topics that deal with the business of dance. We cannot publish criticism, single-company season announcements, and single-company or single artist profiles. Additionally, we welcome feedback on articles. If you have a topic that you would like to see addressed or feedback, please contact

Disclaimer: Opinions expressed in guest posts do not necessarily represent the viewpoints of Dance/USA.

Skip to content