Immediate Steps to Take (or Not Take) When Ransomware Strikes
Date: Tuesday, March 10th at 11:00am PT / 2:00pm ET
It usually happens in the middle of the night. Not necessarily because “It must be the Russians!” but because cybercriminals have fully reconnoitered your network and will initiate the encryption of your files when someone is least likely to sound the alarm.
This is exactly why ransomware attacks hit on Friday afternoons and over three-day weekends. Cybercriminals need the encryption process to execute thoroughly and without interruption. Like burglars casing a home, they strike when they know they’re least likely to get caught.
Monday morning at eight o’clock, you receive an urgent call from your head of IT – employees across your organization are locked out of their computers, vendors are asking why billing is interrupted, customers aren’t able to access your website and make purchases...
- Who should you call when your organization is hit?
- Who can you tell what information and when?
- What are the immediate steps you should (and shouldn’t) take to mitigate harm to your business operations and infrastructure?
- What does an Incident Response team do to facilitate business recovery?
- Do you have stand-alone cyber insurance or perhaps a cyber endorsement to another policy?
- Do you know how cyber insurance can help the situation?
Austin Berglas, Global Head of Professional Services at Blue Voyant and former Assistant Special Agent in Charge of the FBI’s New York Office Cyber Branch
Jennifer Rothstein, Business Development Head, Insurance and Legal at BlueVoyant