Ransomware is a menacing digital plague that has evolved into one of the foremost threats to Information Technology (IT). An inherent dilemma of deciding whether to pay the ransomware demands accompanies the inevitable eventuality of a ransomware attack. When confronted with a devastating ransomware attack, enterprise IT organizations and their executive leadership still opt to pay out billions of dollars in ransomware demands despite cautions that paying the ransom does not guarantee a working decryption key or full data restoration, counsel that cyber-insurance premiums may escalate, forewarnings of potential repeat attacks, and risks of non-compliance with ransom-banning laws, heightened regulatory scrutiny, and potential reputational damage. This study explored ransomware expert recommendations in an effort to answer the overarching question: What are the ransomware experts’ recommendations as to how to conduct a thorough analysis of the potential consequences to make the optimal decision whether to pay ransomware demands? This study employed a generic qualitative inquiry methodology to research and explore the experiences, opinions, and advice of ransomware experts through in-depth, individual interviews. The target population for this study consisted of ransomware experts who had recent experience (within the past 5 years) responding to ransomware incidents and making strategic, rational, and well-informed decisions about whether to pay ransomware demands. The data analysis (conducted using ATLAS.ti) resulted in the emergence of 7 themes to assist future ransomware-victim enterprise IT organizations and their executives to plan, prepare, strategize, and practice making the optimal ransomware payment decision in the face of a devastating ransomware attack.