A ransomware demand is enough to give any company executive heartburn as the decision of whether or not to pay the ransom is considered. Part 1 of this two-part series highlighted three factors to consider as part of the decision to pay: what has been compromised, what will the downtime cost the company and was personally identifiable information affected? However, there are several other issues to consider before making a final determination on whether or not to pay a ransom.