Tabletop exercises need to simulate real business disruption scenarios, not just technical failures, says George Gerchow, CSO at security firm Bedrock Data and faculty member at IANS Research, a research and advisory firm. “Effective ransomware preparedness begins with practice, not panic,” he says. “The most valuable sessions include leaders from operations, legal, finance, HR, and communications, because these teams face the toughest decisions under pressure.”
Staffing, skills, and training
Many organizations continue to find that cybersecurity experts are in short supply, so staffing up teams is a challenge. That shortage can be a problem for a ransomware strategy, because companies need a variety of skills in place, including expertise in incident detection and prevention, incident response, firewall configuration, and other areas.
They also need to be equipped to train all employees to help prevent ransomware attacks. This includes teaching them how to recognize, deal with, and report threats such as phishing emails, suspicious links, and questionable attachments.
