Responding to Ransomware

A practical guide

Cybersecurity incidents demand a tailored approach, and ransomware is no exception. This playbook provides a comprehensive, actionable guide for navigating the complexities of ransomware attacks. It addresses two distinct scenarios - pre-encryption and post-encryption - recognizing that objectives, priorities, and trade-offs differ significantly before and after encryption occurs.

What you get from this playbook:

  • Swift pre-encryption actions: Learn key response actions to take in the first 24-48 hours, including isolating compromised systems, securing backups, and preparing for attacker eradication. 
  • Navigate legal & regulatory obligations: Understand your incident reporting requirements and legal obligations, enabling compliance with NIS2 and DORA. 
  • Post-encryption recovery framework: Validate the integrity of backups, define order-of-restore, monitor restored systems with EDR/MDR, and perform a thorough root cause analysis to prevent re-compromise. 
  • Real-world insights: Benefit from lessons learned and practical strategies derived from actual ransomware incidents handled by Hunt & Hackett's experts. 
