Seemingly every day, a new organization announces they’ve been hit by a ransomware attack. The agnostic nature of ransomware leaves no industry immune to vulnerabilities. Be it school systems, healthcare providers, or government agencies, the battlegrounds are increasingly widespread. Companies should operate not on a basis of if they’ll be hit, but when. Executives and IT teams must be prepared to take specific steps in the immediate aftermath of a ransomware attack to best protect their employees, assets, and sensitive information.
1. Don’t Panic
In high-stress situations, panic is a bad adviser. When organizations are hit with ransomware, many are unprepared, which leads to reactionary and uninformed decision-making — often with catastrophic results. Avoid “reacting” and focus on “responding” by understanding and practicing what must be done in advance. Identify who will be involved: What will they need to do? How will the team communicate? If/when a ransomware attack takes place, the plan and everybody’s role in it should already