Business Continuity Management / Disaster Recovery , Critical Infrastructure Security , Cybercrime

Minimizing Damage From Ransomware Attacks Requires Planning

Guidance From Attorney Guillermo Christensen: 'If You Want Peace, Prepare for War'
Guillermo Christensen, partner, Ice Miller

As ransomware-wielding attackers continue to target businesses large and small, incident response experts say that the organizations that respond best and escape most unscathed are the ones that already have in place well-honed and rehearsed plans.

See Also: The State of Organizations' Security Posture as of Q1 2018

"Almost all organizations that respond well to a ransomware event, it's because they prepared for it in advance," says attorney Guillermo Christensen, who's managing partner of the Washington, D.C. office of law firm Ice Miller. "If you want to prepare for a ransomware event, you take certain steps so when it happens - and it's really more 'when' than 'if' - you'll be in much better shape."

Christensen regularly advises clients on ransomware concerns, occasionally taking part in negotiations with ransomware-wielding attackers. While no plan is perfect, he says the planning process itself remains essential preparation.

"In the military context, there's a very famous saying: 'If you want peace, prepare for war.' So the same thing goes here: If you want to avoid ransomware, prepare for it, and that's things like having a plan," he says. "The plan is not going to work. I guarantee you, I've never seen a plan work the way it's supposed to. But that's OK. You've thought through the issues, and then, the practice. Practice is very important for that plan."

In an interview with Information Security Media Group, Christensen also discusses:

  • Common mistakes to avoid when preparing ransomware defenses;
  • Essential steps for responding to any ransomware incident;
  • How the ransomware landscape seems likely to evolve.

Christensen formerly served as a diplomat with the U.S. Department of State as well as an intelligence officer at the Central Intelligence Agency, and he draws on those experiences to shape and inform the advice he provides to clients on enterprise risks involving cybersecurity, national security and complex international business matters.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.