So You Had a Ransomware Breach. Now What?

Ransomware attacks increased 51% from 2020 to 2021, according to the FBI’s Internet Crime Complaint Center, resulting in an estimated $49.2 million in losses.

A well-designed breach response, legal counsel, and a robust communication plan, among other tools and tactics, can make the difference between returning your business to normal quickly, or prolonging the impact of ransomware far beyond the initial attack. This checklist from AuditBoard breaks down details on what InfoSec professionals can do during each of these steps to minimize damage in the event of an attack:

  1. Activate your breach response plan.
  2. Engage legal counsel.
  3. Contact law enforcement.
  4. Perform due diligence.
  5. Make a decision on paying or denying the ransom demand.
  6. Communicate with key stakeholders.
  7. Document and act upon the lessons learned.

If your organization hasn’t developed a breach response plan, or you haven’t updated it recently, there’s no time like the present. When an attack happens, instead of spending valuable time developing a plan as it occurs, your organization can dedicate its time to plan execution. It’s also crucial to test your response plan at least annually to make sure all key stakeholders are aware of their role and identify any gaps. After all, practice makes perfect. While you cannot prevent every attack, you can control how you respond.

Get your copy of the checklist and start preparing today.



Request Free!