Create a Disaster-Ready Ransomware Recovery Plan

Prepare to defend your organization against ransomware.
 Join Now

If you're already a member, click here to log in.

Major Business Pain Points

  • Many organizations pay the ransom because they aren’t confident that they can recover sufficiently because of gaps in their incident response and disaster recovery processes.
  • Ransomware attackers use multiple attack vectors and can even allow ransomware to lay dormant, so they infiltrate your backups, DR site, and even more endpoints before the ransomware is activated.
  • Ransomware is constantly evolving, and organizations can’t keep up.
Create a Disaster-Ready Ransomware Recovery Plan-Pain Points

Recommendations

Key Points

  • It’s just malware. Ransomware, although unique in its end goal, is still malware and can be prepared for accordingly.
  • You will have to pay, but you should choose who you pay. Whether you pay to modernize your security controls, for cyber insurance, or for an MSSP, you want to avoid paying the attacker.
  • You can't prevent ransomware, but you can respond better. Mitigate the impact of ransomware with a security incident response plan that includes security awareness and training, disaster recovery, and business continuity.

Approach

Create a Disaster-Ready Ransomware Recovery Plan-Recommendations
  • Effective and efficient management of ransomware involves a formal process of preparation, detection, analysis, containment, eradication, recovery, and post-incident activities.
  • Many conventional information security best practices can defend against a ransomware attack. Ensure you have security awareness and training, disaster recovery, and business continuity in place for your response strategy.
  • Stop worrying about becoming the next ransomware headline. Make the necessary preparations to defend your organization against the effects of ransomware.
 Subscribe to Premium

Methodology and Tools

Executive Brief

Read the concise Executive Brief to find out why you should coordinate your incident management and disaster recovery programs to plan for and mitigate the impact of ransomware and review the methodology.

  • Create a Disaster-Ready Ransomware Recovery Plan – Executive Brief
  • Create a Disaster-Ready Ransomware Recovery Plan – Phases 1-4

1. Assess your ransomware response readiness

Assess your overall ransomware response readiness.

  • Create a Disaster-Ready Ransomware Recovery Plan – Phase 1: Assess Your Ransomware Readiness
  • Information Security Requirements Gathering Tool
  • Ransomware Incident Management Maturity Assessment Tool
  • DRP Business Impact Analysis Tool
  • Legacy DRP Business Impact Analysis Tool

2. Determine the business impact to understand acceptable RTOs and RPOs

Determine the overall business impact of a ransomware incident.

  • Create a Disaster-Ready Ransomware Recovery Plan – Phase 2: Determine Business Impact to Understand Acceptable RTOs and RPOs

3. Develop a ransomware response and recovery plan

Develop the necessary incident response management workflows, which also include disaster recovery as a necessary component, to mitigate the impact of a ransomware incident.

  • Create a Disaster-Ready Ransomware Recovery Plan – Phase 3: Develop a Ransomware Response and Recovery Plan
  • Security Incident Management Runbook: Ransomware

Security Incident Management Workflow: Ransomware (Visio)

  • Security Incident Management Workflow: Ransomware (PDF)

4. Build a roadmap to close gaps

Build a roadmap and a ransomware strategic plan summary document to make recommendations for maturing your overall security posture.

  • Create a Disaster-Ready Ransomware Recovery Plan – Phase 4: Build a Roadmap to Close Gaps
  • Ransomware Strategic Plan Summary Document

All resources on this page are provided to Cyber Leadership Hub members under license from third parties including Info-Tech Research Group Inc, a global leader in providing IT research and advice.