There is a major global Ransom Denial of Service Campaign activity against targeting thousands of large commercial organizations globally, specifically the financial services industry.
No matter the size of your organisation and whether it is a controller or a processor, your organisation should consider pursuing ISO 27701 certification.