{"product_id":"ransomware-protection-playbook-isbn-9781119849124","title":"Ransomware Protection Playbook","description":"\u003cp\u003e\u003cb\u003eAvoid becoming the next ransomware victim by taking practical steps today\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eColonial Pipeline. CWT Global. Brenntag. Travelex. The list of ransomware victims is long, distinguished, and sophisticated. And it's growing longer every day.\u003c\/p\u003e \u003cp\u003eIn \u003ci\u003eRansomware Protection Playbook\u003c\/i\u003e, computer security veteran and expert penetration tester Roger A. Grimes delivers an actionable blueprint for organizations seeking a robust defense against one of the most insidious and destructive IT threats currently in the wild. You'll learn about concrete steps you can take now to protect yourself or your organization from ransomware attacks.\u003c\/p\u003e \u003cp\u003eIn addition to walking you through the necessary technical preventative measures, this critical book will show you how to:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eQuickly detect an attack, limit the damage, and decide whether to pay the ransom\u003c\/li\u003e \u003cli\u003eImplement a pre-set game plan in the event of a game-changing security breach to help limit the reputational and financial damage\u003c\/li\u003e \u003cli\u003eLay down a secure foundation of cybersecurity insurance and legal protection to mitigate the disruption to your life and business\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eA must-read for cyber and information security professionals, privacy leaders, risk managers, and CTOs, \u003ci\u003eRansomware Protection Playbook\u003c\/i\u003e is an irreplaceable and timely resource for anyone concerned about the security of their, or their organization's, data.\u003c\/p\u003e \u003cp\u003eAcknowledgments xi\u003c\/p\u003e \u003cp\u003eIntroduction xxi\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart I: \u003c\/b\u003e\u003cb\u003eIntroduction 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1: \u003c\/b\u003e\u003cb\u003eIntroduction to Ransomware 3\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHow Bad is the Problem? 4\u003c\/p\u003e \u003cp\u003eVariability of Ransomware Data 5\u003c\/p\u003e \u003cp\u003eTrue Costs of Ransomware 7\u003c\/p\u003e \u003cp\u003eTypes of Ransomware 9\u003c\/p\u003e \u003cp\u003eFake Ransomware 10\u003c\/p\u003e \u003cp\u003eImmediate Action vs. Delayed 14\u003c\/p\u003e \u003cp\u003eAutomatic or Human-Directed 17\u003c\/p\u003e \u003cp\u003eSingle Device Impacts or More 18\u003c\/p\u003e \u003cp\u003eRansomware Root Exploit 19\u003c\/p\u003e \u003cp\u003eFile Encrypting vs. Boot Infecting 21\u003c\/p\u003e \u003cp\u003eGood vs. Bad Encryption 22\u003c\/p\u003e \u003cp\u003eEncryption vs. More Payloads 23\u003c\/p\u003e \u003cp\u003eRansomware as a Service 30\u003c\/p\u003e \u003cp\u003eTypical Ransomware Process and Components 32\u003c\/p\u003e \u003cp\u003eInfiltrate 32\u003c\/p\u003e \u003cp\u003eAfter Initial Execution 34\u003c\/p\u003e \u003cp\u003eDial-Home 34\u003c\/p\u003e \u003cp\u003eAuto-Update 37\u003c\/p\u003e \u003cp\u003eCheck for Location 38\u003c\/p\u003e \u003cp\u003eInitial Automatic Payloads 39\u003c\/p\u003e \u003cp\u003eWaiting 40\u003c\/p\u003e \u003cp\u003eHacker Checks C\u0026amp;C 40\u003c\/p\u003e \u003cp\u003eMore Tools Used 40\u003c\/p\u003e \u003cp\u003eReconnaissance 41\u003c\/p\u003e \u003cp\u003eReadying Encryption 42\u003c\/p\u003e \u003cp\u003eData Exfiltration 43\u003c\/p\u003e \u003cp\u003eEncryption 44\u003c\/p\u003e \u003cp\u003eExtortion Demand 45\u003c\/p\u003e \u003cp\u003eNegotiations 46\u003c\/p\u003e \u003cp\u003eProvide Decryption Keys 47\u003c\/p\u003e \u003cp\u003eRansomware Goes Conglomerate 48\u003c\/p\u003e \u003cp\u003eRansomware Industry Components 52\u003c\/p\u003e \u003cp\u003eSummary 55\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2: \u003c\/b\u003e\u003cb\u003ePreventing Ransomware 57\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eNineteen Minutes to Takeover 57\u003c\/p\u003e \u003cp\u003eGood General Computer Defense Strategy 59\u003c\/p\u003e \u003cp\u003eUnderstanding How Ransomware Attacks 61\u003c\/p\u003e \u003cp\u003eThe Nine Exploit Methods All Hackers and Malware Use 62\u003c\/p\u003e \u003cp\u003eTop Root-Cause Exploit Methods of All Hackers and Malware 63\u003c\/p\u003e \u003cp\u003eTop Root-Cause Exploit Methods of Ransomware 64\u003c\/p\u003e \u003cp\u003ePreventing Ransomware 67\u003c\/p\u003e \u003cp\u003ePrimary Defenses 67\u003c\/p\u003e \u003cp\u003eEverything Else 70\u003c\/p\u003e \u003cp\u003eUse Application Control 70\u003c\/p\u003e \u003cp\u003eAntivirus Prevention 73\u003c\/p\u003e \u003cp\u003eSecure Configurations 74\u003c\/p\u003e \u003cp\u003ePrivileged Account Management 74\u003c\/p\u003e \u003cp\u003eSecurity Boundary Segmentation 75\u003c\/p\u003e \u003cp\u003eData Protection 76\u003c\/p\u003e \u003cp\u003eBlock USB Keys 76\u003c\/p\u003e \u003cp\u003eImplement a Foreign Russian Language 77\u003c\/p\u003e \u003cp\u003eBeyond Self-Defense 78\u003c\/p\u003e \u003cp\u003eGeopolitical Solutions 79\u003c\/p\u003e \u003cp\u003eInternational Cooperation and Law Enforcement 79\u003c\/p\u003e \u003cp\u003eCoordinated Technical Defense 80\u003c\/p\u003e \u003cp\u003eDisrupt Money Supply 81\u003c\/p\u003e \u003cp\u003eFix the Internet 81\u003c\/p\u003e \u003cp\u003eSummary 84\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3: \u003c\/b\u003e\u003cb\u003eCybersecurity Insurance 85\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCybersecurity Insurance Shakeout 85\u003c\/p\u003e \u003cp\u003eDid Cybersecurity Insurance Make Ransomware Worse? 90\u003c\/p\u003e \u003cp\u003eCybersecurity Insurance Policies 92\u003c\/p\u003e \u003cp\u003eWhat’s Covered by Most Cybersecurity Policies 93\u003c\/p\u003e \u003cp\u003eRecovery Costs 93\u003c\/p\u003e \u003cp\u003eRansom 94\u003c\/p\u003e \u003cp\u003eRoot-Cause Analysis 95\u003c\/p\u003e \u003cp\u003eBusiness Interruption Costs 95\u003c\/p\u003e \u003cp\u003eCustomer\/Stakeholder Notifications and Protection 96\u003c\/p\u003e \u003cp\u003eFines and Legal Investigations 96\u003c\/p\u003e \u003cp\u003eExample Cyber Insurance Policy Structure 97\u003c\/p\u003e \u003cp\u003eCosts Covered and Not Covered by Insurance 98\u003c\/p\u003e \u003cp\u003eThe Insurance Process 101\u003c\/p\u003e \u003cp\u003eGetting Insurance 101\u003c\/p\u003e \u003cp\u003eCybersecurity Risk Determination 102\u003c\/p\u003e \u003cp\u003eUnderwriting and Approval 103\u003c\/p\u003e \u003cp\u003eIncident Claim Process 104\u003c\/p\u003e \u003cp\u003eInitial Technical Help 105\u003c\/p\u003e \u003cp\u003eWhat to Watch Out For 106\u003c\/p\u003e \u003cp\u003eSocial Engineering Outs 107\u003c\/p\u003e \u003cp\u003eMake Sure Your Policy Covers Ransomware 107\u003c\/p\u003e \u003cp\u003eEmployee’s Mistake Involved 107\u003c\/p\u003e \u003cp\u003eWork-from-Home Scenarios 108\u003c\/p\u003e \u003cp\u003eWar Exclusion Clauses 108\u003c\/p\u003e \u003cp\u003eFuture of Cybersecurity Insurance 109\u003c\/p\u003e \u003cp\u003eSummary 111\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4: \u003c\/b\u003e\u003cb\u003eLegal Considerations 113\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBitcoin and Cryptocurrencies 114\u003c\/p\u003e \u003cp\u003eCan You Be in Legal Jeopardy for Paying a Ransom? 123\u003c\/p\u003e \u003cp\u003eConsult with a Lawyer 127\u003c\/p\u003e \u003cp\u003eTry to Follow the Money 127\u003c\/p\u003e \u003cp\u003eGet Law Enforcement Involved 128\u003c\/p\u003e \u003cp\u003eGet an OFAC License to Pay the Ransom 129\u003c\/p\u003e \u003cp\u003eDo Your Due Diligence 129\u003c\/p\u003e \u003cp\u003eIs It an Official Data Breach? 129\u003c\/p\u003e \u003cp\u003ePreserve Evidence 130\u003c\/p\u003e \u003cp\u003eLegal Defense Summary 130\u003c\/p\u003e \u003cp\u003eSummary 131\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePart II: \u003c\/b\u003e\u003cb\u003eDetection and Recovery 133\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5: \u003c\/b\u003e\u003cb\u003eRansomware Response Plan 135\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy Do Response Planning? 135\u003c\/p\u003e \u003cp\u003eWhen Should a Response Plan Be Made? 136\u003c\/p\u003e \u003cp\u003eWhat Should a Response Plan Include? 136\u003c\/p\u003e \u003cp\u003eSmall Response vs. Large Response Threshold 137\u003c\/p\u003e \u003cp\u003eKey People 137\u003c\/p\u003e \u003cp\u003eCommunications Plan 138\u003c\/p\u003e \u003cp\u003ePublic Relations Plan 141\u003c\/p\u003e \u003cp\u003eReliable Backup 142\u003c\/p\u003e \u003cp\u003eRansom Payment Planning 144\u003c\/p\u003e \u003cp\u003eCybersecurity Insurance Plan 146\u003c\/p\u003e \u003cp\u003eWhat It Takes to Declare an Official Data Breach 147\u003c\/p\u003e \u003cp\u003eInternal vs. External Consultants 148\u003c\/p\u003e \u003cp\u003eCryptocurrency Wallet 149\u003c\/p\u003e \u003cp\u003eResponse 151\u003c\/p\u003e \u003cp\u003eChecklist 151\u003c\/p\u003e \u003cp\u003eDefinitions 153\u003c\/p\u003e \u003cp\u003ePractice Makes Perfect 153\u003c\/p\u003e \u003cp\u003eSummary 154\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6: \u003c\/b\u003e\u003cb\u003eDetecting Ransomware 155\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy is Ransomware So Hard to Detect? 155\u003c\/p\u003e \u003cp\u003eDetection Methods 158\u003c\/p\u003e \u003cp\u003eSecurity Awareness Training 158\u003c\/p\u003e \u003cp\u003eAV\/EDR Adjunct Detections 159\u003c\/p\u003e \u003cp\u003eDetect New Processes 160\u003c\/p\u003e \u003cp\u003eAnomalous Network Connections 164\u003c\/p\u003e \u003cp\u003eNew, Unexplained Things 166\u003c\/p\u003e \u003cp\u003eUnexplained Stoppages 167\u003c\/p\u003e \u003cp\u003eAggressive Monitoring 169\u003c\/p\u003e \u003cp\u003eExample Detection Solution 169\u003c\/p\u003e \u003cp\u003eSummary 175\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7: \u003c\/b\u003e\u003cb\u003eMinimizing Damage 177\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBasic Outline for Initial Ransomware Response 177\u003c\/p\u003e \u003cp\u003eStop the Spread 179\u003c\/p\u003e \u003cp\u003ePower Down or Isolate Exploited Devices 180\u003c\/p\u003e \u003cp\u003eDisconnecting the Network 181\u003c\/p\u003e \u003cp\u003eDisconnect at the Network Access Points 182\u003c\/p\u003e \u003cp\u003eSuppose You Can’t Disconnect the Network 183\u003c\/p\u003e \u003cp\u003eInitial Damage Assessment 184\u003c\/p\u003e \u003cp\u003eWhat is Impacted? 185\u003c\/p\u003e \u003cp\u003eEnsure Your Backups Are Still Good 186\u003c\/p\u003e \u003cp\u003eCheck for Signs of Data and Credential Exfiltration 186\u003c\/p\u003e \u003cp\u003eCheck for Rogue Email Rules 187\u003c\/p\u003e \u003cp\u003eWhat Do You Know About the Ransomware? 187\u003c\/p\u003e \u003cp\u003eFirst Team Meeting 188\u003c\/p\u003e \u003cp\u003eDetermine Next Steps 189\u003c\/p\u003e \u003cp\u003ePay the Ransom or Not? 190\u003c\/p\u003e \u003cp\u003eRecover or Rebuild? 190\u003c\/p\u003e \u003cp\u003eSummary 193\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8: \u003c\/b\u003e\u003cb\u003eEarly Responses 195\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat Do You Know? 195\u003c\/p\u003e \u003cp\u003eA Few Things to Remember 197\u003c\/p\u003e \u003cp\u003eEncryption is Likely Not Your Only Problem 198\u003c\/p\u003e \u003cp\u003eReputational Harm May Occur 199\u003c\/p\u003e \u003cp\u003eFirings May Happen 200\u003c\/p\u003e \u003cp\u003eIt Could Get Worse 201\u003c\/p\u003e \u003cp\u003eMajor Decisions 202\u003c\/p\u003e \u003cp\u003eBusiness Impact Analysis 202\u003c\/p\u003e \u003cp\u003eDetermine Business Interruption Workarounds 203\u003c\/p\u003e \u003cp\u003eDid Data Exfiltration Happen? 204\u003c\/p\u003e \u003cp\u003eCan You Decrypt the Data Without Paying? 204\u003c\/p\u003e \u003cp\u003eRansomware is Buggy 205\u003c\/p\u003e \u003cp\u003eRansomware Decryption Websites 205\u003c\/p\u003e \u003cp\u003eRansomware Gang Publishes Decryption Keys 206\u003c\/p\u003e \u003cp\u003eSniff a Ransomware Key Off the Network? 206\u003c\/p\u003e \u003cp\u003eRecovery Companies Who Lie About Decryption Key Use 207\u003c\/p\u003e \u003cp\u003eIf You Get the Decryption Keys 207\u003c\/p\u003e \u003cp\u003eSave Encrypted Data Just in Case 208\u003c\/p\u003e \u003cp\u003eDetermine Whether the Ransom Should Be Paid 209\u003c\/p\u003e \u003cp\u003eNot Paying the Ransom 209\u003c\/p\u003e \u003cp\u003ePaying the Ransom 210\u003c\/p\u003e \u003cp\u003eRecover or Rebuild Involved Systems? 212\u003c\/p\u003e \u003cp\u003eDetermine Dwell Time 212\u003c\/p\u003e \u003cp\u003eDetermine Root Cause 213\u003c\/p\u003e \u003cp\u003ePoint Fix or Time to Get Serious? 214\u003c\/p\u003e \u003cp\u003eEarly Actions 215\u003c\/p\u003e \u003cp\u003ePreserve the Evidence 215\u003c\/p\u003e \u003cp\u003eRemove the Malware 215\u003c\/p\u003e \u003cp\u003eChange All Passwords 217\u003c\/p\u003e \u003cp\u003eSummary 217\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9: \u003c\/b\u003e\u003cb\u003eEnvironment Recovery 219\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBig Decisions 219\u003c\/p\u003e \u003cp\u003eRecover vs. Rebuild 220\u003c\/p\u003e \u003cp\u003eIn What Order 221\u003c\/p\u003e \u003cp\u003eRestoring Network 221\u003c\/p\u003e \u003cp\u003eRestore IT Security Services 223\u003c\/p\u003e \u003cp\u003eRestore Virtual Machines and\/or Cloud Services 223\u003c\/p\u003e \u003cp\u003eRestore Backup Systems 224\u003c\/p\u003e \u003cp\u003eRestore Clients, Servers, Applications, Services 224\u003c\/p\u003e \u003cp\u003eConduct Unit Testing 225\u003c\/p\u003e \u003cp\u003eRebuild Process Summary 225\u003c\/p\u003e \u003cp\u003eRecovery Process Summary 228\u003c\/p\u003e \u003cp\u003eRecovering a Windows Computer 229\u003c\/p\u003e \u003cp\u003eRecovering\/Restoring Microsoft Active Directory 231\u003c\/p\u003e \u003cp\u003eSummary 233\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10: \u003c\/b\u003e\u003cb\u003eNext Steps 235\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eParadigm Shifts 235\u003c\/p\u003e \u003cp\u003eImplement a Data-Driven Defense 236\u003c\/p\u003e \u003cp\u003eFocus on Root Causes 238\u003c\/p\u003e \u003cp\u003eRank Everything! 239\u003c\/p\u003e \u003cp\u003eGet and Use Good Data 240\u003c\/p\u003e \u003cp\u003eHeed Growing Threats More 241\u003c\/p\u003e \u003cp\u003eRow the Same Direction 241\u003c\/p\u003e \u003cp\u003eFocus on Social Engineering Mitigation 242\u003c\/p\u003e \u003cp\u003eTrack Processes and Network Traffic 243\u003c\/p\u003e \u003cp\u003eImprove Overall Cybersecurity Hygiene 243\u003c\/p\u003e \u003cp\u003eUse Multifactor Authentication 243\u003c\/p\u003e \u003cp\u003eUse a Strong Password Policy 244\u003c\/p\u003e \u003cp\u003eSecure Elevated Group Memberships 246\u003c\/p\u003e \u003cp\u003eImprove Security Monitoring 247\u003c\/p\u003e \u003cp\u003eSecure PowerShell 247\u003c\/p\u003e \u003cp\u003eSecure Data 248\u003c\/p\u003e \u003cp\u003eSecure Backups 249\u003c\/p\u003e \u003cp\u003eSummary 250\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11: \u003c\/b\u003e\u003cb\u003eWhat Not to Do 251\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAssume You Can’t Be a Victim 251\u003c\/p\u003e \u003cp\u003eThink That One Super-Tool Can Prevent an Attack 252\u003c\/p\u003e \u003cp\u003eAssume Too Quickly Your Backup is Good 252\u003c\/p\u003e \u003cp\u003eUse Inexperienced Responders 253\u003c\/p\u003e \u003cp\u003eGive Inadequate Considerations to Paying Ransom 254\u003c\/p\u003e \u003cp\u003eLie to Attackers 255\u003c\/p\u003e \u003cp\u003eInsult the Gang by Suggesting Tiny Ransom 255\u003c\/p\u003e \u003cp\u003ePay the Whole Amount Right Away 256\u003c\/p\u003e \u003cp\u003eArgue with the Ransomware Gang 257\u003c\/p\u003e \u003cp\u003eApply Decryption Keys to Your Only Copy 257\u003c\/p\u003e \u003cp\u003eNot Care About Root Cause 257\u003c\/p\u003e \u003cp\u003eKeep Your Ransomware Response Plan Online Only 258\u003c\/p\u003e \u003cp\u003eAllow a Team Member to Go Rogue 258\u003c\/p\u003e \u003cp\u003eAccept a Social Engineering Exclusion in Your Cyber-Insurance Policy 259\u003c\/p\u003e \u003cp\u003eSummary 259\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12: \u003c\/b\u003e\u003cb\u003eFuture of Ransomware 261\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFuture of Ransomware 261\u003c\/p\u003e \u003cp\u003eAttacks Beyond Traditional Computers 262\u003c\/p\u003e \u003cp\u003eIoT Ransoms 264\u003c\/p\u003e \u003cp\u003eMixed-Purpose\u003c\/p\u003e \u003cp\u003eHacking Gangs 265\u003c\/p\u003e \u003cp\u003eFuture of Ransomware Defense 267\u003c\/p\u003e \u003cp\u003eFuture Technical Defenses 267\u003c\/p\u003e \u003cp\u003eRansomware Countermeasure Apps and Features 267\u003c\/p\u003e \u003cp\u003eAI Defense and Bots 268\u003c\/p\u003e \u003cp\u003eStrategic Defenses 269\u003c\/p\u003e \u003cp\u003eFocus on Mitigating Root Causes 269\u003c\/p\u003e \u003cp\u003eGeopolitical Improvements 269\u003c\/p\u003e \u003cp\u003eSystematic Improvements 270\u003c\/p\u003e \u003cp\u003eUse Cyber Insurance as a Tool 270\u003c\/p\u003e \u003cp\u003eImprove Internet Security Overall 271\u003c\/p\u003e \u003cp\u003eSummary 271\u003c\/p\u003e \u003cp\u003eParting Words 272\u003c\/p\u003e \u003cp\u003eIndex 273\u003c\/p\u003e \u003cp\u003e\u003cb\u003eROGER A. GRIMES\u003c\/b\u003e is a 34-year computer security expert and author on the subject of hacking, malware, and ransomware attacks. He was the weekly security columnist at \u003ci\u003eInfoWorld\u003c\/i\u003e and \u003ci\u003eCSO\u003c\/i\u003e Magazines between 2005 and 2019. He is frequently interviewed and quoted, including by \u003ci\u003eNewsweek\u003c\/i\u003e, \u003ci\u003eCNN\u003c\/i\u003e, \u003ci\u003eNPR\u003c\/i\u003e, and the \u003ci\u003eWSJ\u003c\/i\u003e.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eDISCOVER SIMPLE STEPS TO AVOID BECOMING TOMORROW’S NEXT RANSOMWARE VICTIM\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFrom Colonial Pipeline to CWT Global, Brenntag, and Travelex, the list of ransomware victims around the world is as long as it is disheartening. The good news is that there's a lot you can do to protect yourself from these bad actors and secure your own systems against this malicious software.\u003c\/p\u003e \u003cp\u003eIn \u003ci\u003eRansomware Protection Playbook,\u003c\/i\u003e cybersecurity veteran and pentester Roger A. Grimes delivers a practical roadmap to protecting your networks against one of the most insidious and damaging cyber threats currently in the wild. You'll discover concrete steps you can take \u003ci\u003eright now\u003c\/i\u003e to fortify your defenses and prepare for an attack.\u003c\/p\u003e \u003cp\u003eThe author describes the preventative measures you can take to stop an attack before it starts. He also discusses how to quickly detect an attack, limit the damage when one does occur, and how to decide whether to pay the ransom. You'll be prepared to implement a pre-set gameplan in the event of a security breach and limit the financial and reputational damage your organization suffers as a result. You'll also learn how to create a solid foundation of cybersecurity insurance and legal protection to mitigate potential disruption to your business activities.\u003c\/p\u003e \u003cp\u003eWith this game-changing security framework, you'll also:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eCreate pre-fab crisis response plans to implement during an attack\u003c\/li\u003e \u003cli\u003eEvaluate and select cybersecurity insurance and legal protection plans\u003c\/li\u003e \u003cli\u003eLay down thick walls of information security to prevent an attack\u003c\/li\u003e \u003cli\u003eLearn lessons from some of the most high-profile ransomware attacks so far\u003c\/li\u003e \u003cli\u003eMitigate your odds of becoming a cautionary tale for the next generation\u003c\/li\u003e \u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47989912273125,"sku":"NP9781119849124","price":28.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781119849124.jpg?v=1761785880","url":"https:\/\/k12savings.com\/es\/products\/ransomware-protection-playbook-isbn-9781119849124","provider":"K12savings","version":"1.0","type":"link"}