Ransomware is one of the worst threats facing IT leaders and CISOs, and any investment of time and resource into prevention is well spent.
Post-breach is the worst time for organisations to try to get on top of things; the attacker is in the driving seat, IT staff are stretched managing the breach and all the while, extra pressure is mounting from every department needing to access data and applications and from the senior executives who have to communicate to customers, stakeholders and regulators.
It’s vital that you do the basics consistently well, optimise your threat mitigation estate (get your partners to help you), and plan for the worst-case scenario outcomes. Learn from the woes of others and give yourself as much time as possible to consider the likelihood and impact of a ransomware attack. Test your responses and refine them so that you know exactly what to do and when to do it if the worst comes to pass.