Defending Against Ransomware Together.

We're building a collaborative community of cybersecurity professionals dedicated to sharing high-quality threat intelligence. Join thousands of defenders, researchers, and analysts working together to protect organizations worldwide from ransomware threats.

Partner With Us

Our Platform

Everything you need to fight ransomware

We provide the tools, intelligence, and community to help you protect your organization and others from ransomware threats.

Threat Intelligence

Access high-quality, peer-reviewed ransomware reports and technical breakdowns from world-class experts. No paywalls, no vendor agendas.

Community Platform

Connect with defenders, researchers, and incident responders globally. Share knowledge, collaborate on threats, and learn from each other.

Educational Resources

Learn from structured methodologies, case studies, and practical guides. All content is evidence-led and free from fluff.

Expert Recognition

Contribute your expertise and get recognized for your work. Build credibility while supporting the global fight against ransomware.

The Growing Ransomware Crisis

Ransomware attacks continue to surge globally, affecting organizations of all sizes. Understanding the scope of this threat is the first step toward building effective defenses.

€57B

Global damage in 2025

Total projected ransomware-related damages including ransom payments, downtime, recovery, and reputational harm.

2 sec

Attack #0

Attack frequency

A ransomware attack occurs every 2 seconds globally—a dramatic acceleration from every 11 seconds in 2024.

69%

Organizations targeted

7 of 10 organisations faced at least one ransomware incident in the past year, with healthcare at 67% and finance at 78%.

The Knowledge Gap

Why Open Intelligence Sharing Matters

Traditional cybersecurity intelligence sharing is fragmented and gatekept behind expensive subscriptions, vendor relationships, and exclusive partnerships. This leaves countless organizations—especially smaller businesses, nonprofits, and public institutions—vulnerable to attacks they could have prevented with timely, actionable intelligence.

Meanwhile, ransomware operators share tactics, tools, and targets through underground networks with unprecedented speed and coordination. They're organized, collaborative, and constantly evolving—while defenders often work in isolation.

The current model fails because threats move faster than traditional intelligence cycles. By the time threat reports reach most organizations through conventional channels, attackers have already adapted their methods and moved on to new targets.

Open, peer-reviewed intelligence sharing levels the playing field. When defenders can access real-time threat data, share defensive strategies, and collaborate on response efforts, we can build collective immunity against ransomware campaigns. This isn't just about better cybersecurity—it's about protecting the digital infrastructure that modern society depends on.

Average cost per attack
€5.5M
Average downtime after attack
19 days
Organizations hit last year
69%
Global damage by 2031
€275B

Our Vision & Values

A world without ransomware

At Ransom-ISAC, our vision is a world where ransomware no longer thrives in the shadows — a world where knowledge, not gatekeeping, is the standard for defence.

Breaking down barriers
We are committed to breaking down the barriers that have long restricted access to high-quality threat intelligence.
No paywalls
No paywalls, no gatekeeping — just open, affordable access to world-class intelligence for all.
Global collaboration
We create space for technical and non-technical professionals to work together across the globe.
United front
Full-time and freelance professionals unite in the fight against ransomware.
Peer-reviewed content
All content is peer-reviewed, evidence-led, and free from fluff.
Quality without compromise
We're building a better service for less — prioritizing quality, transparency, and global inclusion.
Evidence-based approach
We don't settle for mediocrity. Every piece of content is backed by solid evidence and expertise.
Transparent operations
Complete transparency in our operations, methodologies, and community governance.

Partner With Us

Join forces with Ransom-ISAC to strengthen our collective defense against ransomware.

Ransom-ISAC is committed to protecting and respecting your privacy. Please check the box below to indicate consent to Ransom-ISAC to store and process the personal information submitted and provide you information on the products and services you are requesting and other content that may be of interest to you.

You can unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our .

Why Partner with Ransom-ISAC?

Ransomware is a global threat that requires a unified response. By partnering with Ransom-ISAC, your organization becomes part of a worldwide network dedicated to sharing intelligence, developing defensive strategies, and protecting communities from ransomware attacks.

Partnership opportunities include:

  • Technical integrations and API access
  • Data sharing agreements
  • Research collaborations
  • Sponsorships and funding
  • Community initiatives

Benefits by Partner Type

For Security Vendors

  • Share threat intelligence with a global community
  • Contribute to industry-wide defense strategies
  • Gain visibility for your security solutions
  • Collaborate on research and analysis

For Organizations

  • Access peer-reviewed threat intelligence
  • Connect with security experts worldwide
  • Strengthen your ransomware defenses
  • Support the global fight against cybercrime

We believe in transparent, mutually beneficial partnerships that advance our shared mission of building a world without ransomware.

Frequently asked questions

If you have additional questions, feel free to reach out to us.

    • What is Ransom-ISAC?

      Ransom-ISAC (Ransomware Information Sharing and Analysis Centre) is a not-for-profit, community-driven initiative dedicated to the global fight against ransomware. We connect defenders, researchers, incident responders, and organisations of all sizes to high-quality threat intelligence and practical collaboration — with no paywalls, vendor agendas, or barriers to access.

    • What is the mission of Ransom-ISAC?

      Our mission is to stamp out ransomware by delivering affordable, high-quality threat intelligence to all. We empower security professionals — both full-time and freelance — with recognition and opportunity, removing barriers and gatekeeping in a united fight against ransomware.

    • Who is Ransom-ISAC for?

      We welcome a broad community of cyber defenders: from technical practitioners and researchers to non-technical leaders, journalists, incident handlers, and policy professionals. If you're committed to protecting others from ransomware and believe in transparent, high-integrity collaboration, you belong here.

    • Why does Ransom-ISAC exist?

      Too often, vital intelligence is hoarded or hidden to protect commercial or reputational interests. This behaviour increases the time ransomware threats go undetected, reduces victim awareness, and hinders the global understanding of adversaries. Worse still, it can cause real harm — to businesses, critical services, and even lives. We're here to change that.

    • Do I need a security clearance to join?

      No. A security clearance is not required. However, due to the potential for sensitive data (including TLP:AMBER and TLP:RED) to be shared within the community, we do conduct a Know Your Customer (KYC) screening process to ensure trust, accountability, and protection for all members.

    • Is Ransom-ISAC affiliated with any political or commercial entity?

      No. Ransom-ISAC is strictly non-political and vendor-neutral. We operate independently and do not promote any products, services, or platforms. Our sole focus is ransomware — understanding it, disrupting it, and defending against it. That's all there is to it.

    • What types of content will Ransom-ISAC produce or share?

      Curating and sharing only the highest-quality resources — including in-depth ransomware reports, technical breakdowns, educational lessons and knowledge sharing sessions from world-class experts, talks, case studies, practical guides. All content is peer-reviewed, evidence-led, and free from fluff or filler.

    • How can I join or get involved?

      In the meantime, feel free to join our mailing list. When we launch, all members will undergo a vetting process to ensure they align with our values and help maintain a safe and secure environment for sharing information. Once verified, you'll gain access to our community platforms and resources.

    • What makes Ransom-ISAC different from other ISACs or threat intelligence vendors?

      We are built around accessibility, integrity, and excellence. We don't settle for mediocrity or put profits before purpose. We exist to empower defenders with the best intelligence available regardless of location, job title, or funding. We're here to build a better service, for less — one that prioritises quality, transparency, and global inclusion over paywalls and profit.

Join the fight against ransomware

Get exclusive early access to our intelligence platform and join a global community of defenders.

We respect your privacy. Read our .

Exclusive intel updates
Latest threat intelligence and defensive strategies before they're public.
No spam, ever
Essential updates only. Unsubscribe anytime with one click.