When rebuilding or sanitising your network , ensure the appropriate security controls are installed and are following best practices to ensure devices do not become reinfected . appropriate security controls are installed and are following best practices to ensure devices do not become reinfected .
When rebuilding or sanitising your network , ensure the appropriate security controls are installed and are following best practices to ensure devices do not become reinfected . appropriate security controls are installed and are following best practices to ensure devices do not become reinfected .
9 . Report the incident
It ’ s important to report the incident . You should also determine if reporting to law enforcement is needed and required . Your legal team can help address any legal obligations around regulated data .
10 . Paying the ransom
Law enforcement advises against paying the ransom . However , if you are considering it , you should hire a security company with specialised skills to help you . Additionally , paying the ransom or working out a settlement is not going to remediate the vulnerabilities that the attackers exploited , so it ’ s still essential to ensure you have identified the initial access point and patched the vulnerabilities .
11 . Conduct a post-incident review
Review your ransomware incident response to understand what went right and to document opportunities for improvement . This ensures the continuous improvement of your response and recovery capabilities for the future . Consider simulating the technical and non-technical details of the attack in the red team and table-top exercises so you can review your options . You can also consider doing proactive playbook building focused on different attack scenarios such as ransomware . If IT or security team staffing is limited , consider building a playbook using a service . u
76 www . intelligentciso . com