“Ransomware is a variant of cyber-attack in which the perpetrators encrypt an organization’s data and then demand a monetary payment for the decryption key, usually in the form of cryptocurrencies such as bitcoin. Ransomware is most frequently delivered through phishing emails that corporate employees click through, introducing the ransomware onto the corporate network. By rendering critical data and systems inaccessible, ransomware can have severe operational consequences and can bring the business of even multinational companies to a halt.
A ransomware strike raises urgent operational, IT security, and legal and compliance questions for a victim company. Companies must be able to rapidly work to restore operations and communicate with customer and commercial partners. They must simultaneously grapple with difficult questions like whether to pay ransom, how to coordinate with law enforcement, and how to contain potential liability for financial damage caused by any disruption of operations or from regulatory inquiries that the attack may trigger.
Because ransomware strikes with no warning, companies need to think ahead. They need to take all available preventative measures in advance. And they also need a response playbook ready in the event the preventative measures fail. This planning should be incorporated into, or developed complementary to, an organization’s existing cyber preparedness and incident response planning.”
Read the full Guide*
https://www.paulhastings.com/publications-items/details/?id=562ced69-2334-6428-811c-ff00004cbded