A ransomware attack is a wake-up call. It means you have at least one serious weakness in your computer security defense and, more likely, many others. This chapter discusses ideas that victim organizations may want to consider in the aftermath of a ransomware attack. This chapter focuses on some needed overall paradigm shifts and some specific tactics that will benefit any cybersecurity defender.

Paradigm Shifts

Eighty percent of ransomware victims suffer multiple attacks (https://blog.knowbe4.com/80-of-ransomware-victim-organizations-experience-a-second-attack). A bad ransomware event causing serious operational interruption is a chance to relook at your whole cybersecurity strategy. Most cybersecurity defenders are defending inefficiently, concentrating on the wrong things, and not putting the bulk of their efforts into the right places. This section discusses likely paradigm shifts needed in most ransomware victim's computer security defenses. You may be one of the few victims who already do these things, but if not, read on. This chapter reinforces some of the ideas and recommendations presented in Chapter 2, “Preventing Ransomware,” and adds more.