Many small firms believe that if they haven't been caught up by the GDPR requirements yet, they are free and clear. But this isn't always the case! Ransomware (a sort of malicious software or "malware") designed to limit access to computer systems and the data housed inside them via encryption has seen a continuous increase in the quantity and severity of personal data breaches from the ICO's caseload throughout 2020/2021.