Prep: Make a plan
The growth of ransomware attacks demands all businesses should have playbooks detailing how security teams will detect and respond to incidents in both production and corporate environments, says Pierson. It's not enough to have a plan -- you also have to practice putting it in action.
"This means the security team and infrastructure team have a plan, have run a table top exercise, and even practiced a response more fully," he explains.
Many security pros focus on prevention. With every new threat vector, they must also assume there's a chance controls will fail and they'll need to respond to events that affect business operations.
(Image: Sfio Cracho via Shutterstock)