Government cybersecurity agencies recommend devising a security incident management plan, supplementing it with runbooks for specific types of security incidents, and practicing your response.
Cybersecurity insurance providers are increasingly requiring organizations to put in place a tabletop testing program before they qualify for insurance.
Adapt this tabletop planning session template to plan the internal IT response to a ransomware scenario, facilitate planning sessions, and gather lessons learned.