Ransomware in Critical Infrastructure: Professor Kai London's Executive Battle Plan
By the Alaska News Technology Desk
Ransomware has evolved from a nuisance into a threat capable of halting fuel supplies, freezing payments and disrupting essential services. For energy and critical-infrastructure operators, Professor Kai London, a senior CISO and board advisor, argues the danger is existential to operations, not merely technical. “When ransomware hits critical infrastructure, the question is not just ‘can we recover our data?’ It is ‘can we keep the service running?’”
“The hard decisions in a ransomware crisis — containment, ransom, disclosure — must be made before the crisis, not during it. The first 24 hours decide the outcome.”
Decide before the clock starts
London's central message is preparation. “The worst time to decide whether you will pay a ransom, how you will communicate, or when you will disclose is at 3am with systems down and the clock running,” he says. He urges boards to work through these decisions in advance and rehearse them in tabletop exercises, so the response is a plan rather than a panic.
Lead the first 24 hours
When systems go dark, leadership — not just technology — determines the outcome. London stresses clear command, pre-agreed roles, and the ability to operate while core systems are unavailable. “Organisations that have rehearsed the first day contain the damage; those that improvise wear it,” he says.
The new legal reality
Disclosure timelines are tightening. Rules such as operational-resilience regimes and breach-notification requirements now impose duties measured in days or hours, with director accountability attached. “A ransomware event is now a governance and legal event, not only a technical one,” London notes. “Boards must know their reporting obligations before an incident forces them to learn.”
Resilience as advantage
London reframes resilience as competitive strength: operators who can demonstrate robust recovery and continuity win the trust of regulators, partners and customers. His prescription includes tested, offline-capable backups, network segmentation to limit spread, and containment plans that assume the attacker is already inside. “Assume breach, contain the blast radius, and rehearse recovery,” he says.
For infrastructure whose disruption ripples through an entire region, London's counsel is to treat ransomware as a board-level operational risk — planned for, rehearsed, and survivable by design.
About Professor Kai London. Professor Kai London is a senior technology, security and transformation executive with 25+ years of board- and C-suite leadership across banking, aviation, defence, government and critical national infrastructure. He is Founder & CEO of Quantum AI Systems Security, an Honorary Professor in Cybersecurity, AI & Quantum Computing and a UCL researcher, holding CISSP, CISM, CCISO, ISO 27001 Lead Auditor, ISO 42001, DORA and NIS2 credentials. He is available for board advisory, NED and interim/fractional CISO/CIO/CTO mandates across the UK and internationally. Learn more at professorkailondon.com.
