If you suffered a ransomware attack, would you pay the ransom? And has this policy been signed off by the exec team and board of directors?