Security News > 2022 > May > Ransomware: How executives should prepare given the current threat landscape
Nearly every week in 2021 and early 2022, a prominent organization has been in the media spotlight as their public relations team struggles to explain how they were attacked and how they can regain consumer confidence.
Many teams center their plans around prevention of the initial attack, not response, after an adversary successfully gains a foothold.
Does your team have standard operating procedures for a ransomware attack and regularly practice containment "Battle drills" such as quickly changing all privileged account passwords through the entire enterprise?
Almost every CISO delegates responsibility for coordinating immediate actions in a cybersecurity emergency to a trusted subordinate, often called an "Incident commander." When your incident commander builds the ransomware "War room," do they have an at-a-glance roster to ensure the right people are included? Since your time as an executive is very limited, how do you want to be updated, and does the incident commander and/or CISO understand that requirement? Is legal embedded into your organization's incident command structure?
One of the most common questions asked is: "How can we prepare for ransomware communications?" In terms of internal communication, it is critical to define what communication system will be used to send notifications.
Advice to any CEO for preparing a ransomware preparedness plan The executive leadership team can and should be closely involved with the development of the anti-ransomware plan.