Create a Ransomware Incident Response Plan


Don’t be the next headline. Determine your current readiness, response plan, and projects to close gaps.

If you're already a member, click here to log in.

Major Business Pain Points

  • Ransomware is a high-profile threat that demands immediate attention. Organizations large and small hit by ransomware make the news every week.
  • Executives want reassurance – but aren’t ready to write a blank check. Improvements must be targeted and justified.
  • No one is bulletproof, so the ability to recover from (and not just prevent) a ransomware attack is critical. Yet backup and disaster recovery capabilities are often lacking.
Create a Ransomware Incident Response Plan-Pain Points

Recommendations

Key Points

  • Ransomware is a top concern for executives. However, most ransomware victims were aware they were vulnerable, but failed to close the gaps until it was too late.
  • Ransomware is constantly evolving; your existing security and disaster recovery (DR) practices may not be enough.
  • Attacks are often sophisticated, multi-stage forays designed to not trigger an alert until critical data is already compromised.

Approach

Create a Ransomware Incident Response Plan-Recommendations
  • Execute a systematic assessment of your current security and DR practices to identify gaps and quick wins.
  • Quantify ransomware risk to prioritize investments and drive security awareness.
  • Run tabletop planning exercises for ransomware attacks to build a more effective incident response plan and further identify projects to close gaps.

Methodology and Tools

1. Ransomware Incident Response Research – A systematic approach to evaluate and improve your organization's current ransomware readiness.

Ransomware has the attention of every leadership team. The challenge is translating that attention into specific actions to improve your ransomware readiness. This research includes assessing the organization's maturity to determine your ransomware readiness and identify specific areas that need improvement; undertaking a business impact analysis to quantify the impact of a ransomware attack and set appropriate recovery targets; performing tabletop planning to drive a practical incident response plan that captures how your organization would need to respond to a ransomware attack; and creating a project roadmap to address gaps and meet business resiliency requirements.

  • Create a Ransomware Incident Response Plan – Phases 1-4

2. Ransomware Readiness Maturity Assessment Tool – A structured evaluation tool for preparing your organization for a potential ransomware attack.

Identify specific areas that need improvement and define baseline metrics to measure and report progress. Use this assessment tool to evaluate prevention at each stage of incident response (including post-incident) as well as the status of your organization's disaster recovery plan (DRP) and business continuity plan (BCP), both of which may be required in the event of a ransomware attack.

  • Ransomware Readiness Maturity Assessment Tool

3. Ransomware Business Impact Analysis Tool – An exemplar document of the business impact analysis (BIA) that you can use to quantify the potential impact of a ransomware attack.

It is critical to communicate risk and prioritize the systems and data of your organization that need the greatest protection. This streamlined, practical assessment can expedite getting agreement between IT and business leaders on risk and recovery targets. This in turn will guide security and disaster recovery strategy and investments.

  • Ransomware Business Impact Analysis Tool – Example

4. Ransomware Response Workflow Template – An editable example of a visual at-a-glance summary of the key steps and stakeholders in a sample ransomware incident response.

The workflow is aimed at team leaders who need to coordinate actions through each stage of incident response, from detection to recovery.

  • Ransomware Response Workflow Template
  • Ransomware Response Runbook Template
  • Ransomware Tabletop Planning Results – Example

5. Ransomware Project Roadmap Tool – An exemplar project roadmap tool to identify specific tasks and projects that will help your organization address gaps and improve its ability to prevent and respond to ransomware attacks.

This completed roadmapping tool provides you with a timeline of projects in an executive dashboard. Leverage the tool to drive the necessary discussions to improve your organization's ransomware readiness.

  • Ransomware Project Roadmap Tool – Example

6. Ransomware Readiness Summary Presentation Template – An example presentation you can edit and customize for your organization.

Summarize your current readiness and present a prioritized project roadmap to improve ransomware prevention and recovery capabilities.

  • Ransomware Readiness Summary Presentation Template

All resources on this page are provided to Cyber Leadership Hub members under license from third parties including Info-Tech Research Group Inc, a global leader in providing IT research and advice.