Security teams who are mired in protecting the organization against ransomware attacks are familiar with how ransomware groups operate, but many people outside of security don’t always have a clear understanding of everything involved in a ransomware attack. Tabletop exercises are one way to teach people outside of the security organization what the effects of ransomware are while testing the security measures in place to defend against a ransomware attack.
Any ransomware strategy has to start with good backups. Good backups are those that are thoroughly and regularly tested. Having good backups gives ransomware victims leverage against ransomware groups, because victims don’t have to pay to decrypt their files. Having good backups is the last defense when all other defenses fail.
Creating Disaster Recovery and Incident Response Plans
Many IT and security professionals have said that realizing their organization got hit by ransomware was the worst day of their life. Sometimes the protections against ransomware fail, and the worst happens. Organizations have to prepare for that day with strong incident response (IR) and disaster recovery (DR) plans. These allow an organization to quickly and effectively deal with “the worst day” and get back up and running as soon as possible.