Are Your infrastructure and Operations Teams Prepared for a Ransomware Attack?

Do your teams know their roles and responsibilities during an actual cyber-attack?

Do your teams have the decision-making authority to make decisions on the fly, or do they need to hop on zoom calls to get permission to shut down servers?

Is your IT, networking, and security OP teams aligned in knowing what team is responsible for what, when to engage, and when not?

According to a recent Gartner report, multidisciplinary teams that blend technology or analytics and business domain expertise and share accountability for business and technology outcomes foster team fusion innovation for digital delivery. Fusion teams consist of business and IT staff: product owners, scrum masters, developers, and domain experts. Fusion teams help to remove friction and address companywide issues and requirements.¹

A village

With so many ransomware factors, it is usually within the innocent context that someone simply clicks a link, infecting an organization’s entire network with malware. There are many considerations on how you will defend against this very prevalent threat. Defending against ransomware is a major challenge  – and no individual team can combat it on their own. It takes a well-equipped, prepared, and practiced village to deal with complex threats successfully – one that includes:

People

Being aligned with internal and external teams before, during, and after a ransomware attack is vital for speed and recovery so they can react faster and mitigate the costs associated with downtime.

Process

It is important that internal and external teams are aware of and in sync regarding their responsibilities and what processes they need to follow during a ransomware attack. Test, test, and test your process, as speed will be essential, and you don’t want to test out your process during an attack.

Technology

Follow the National Institute of Standards and Technology (NIST) Cybersecurity Framework to aid your preparation. Adopting a multi-layered security framework helps ensure your data is ready for recovery and reduces the risk of loss.

Call To Action

Data loss and the inability to recover quickly will cost your organization money and time and put your reputation and operation at risk.

• Identify key stakeholders: determine who needs to be involved during a cyberattack.
• Identify key assets: know what is important and what is not.
• Conduct a tabletop exercise: proactively review and communicate your plans.
• Postmortem and change implementation: capture areas of improvement enact those changes.

Please read our eBook Understanding Team Roles & Responsibilities in fighting ransomware to learn more.

This content has been derived from Commvault Connections 2021. Watch Dave Martin’s presentation here.

1. Gartner, I&O Forward Leading the Next Phase of Growth, 2022