Fraud Management & Cybercrime , Ransomware , Social Engineering

Ransomware: Building an Incident Response Plan

Sophos' John Shier on Spelling Out, and Testing, All the Steps
John Shier from Sophos

Enterprises must have their ransomware response plan tested on a regular basis and it must spell out specific steps on what to do in event of an attack, says John Shier, senor security advisor at Sophos.

See Also: Live Webinar | Steps You Can Take Right Now to Guard Against Ransomware Attacks

"It involves you understanding exactly what you need to do in an event of a ransomware attack," Shier says. "What systems do you need to either turn off, isolate or quarantine? Who do you need to call internally and also communicate with … outside the organization?"

An incident response plan should be tested via repeated drills, he stresses.

In a video interview with Information Security Media Group, Shier also discusses:

  • How ransomware gangs's tactics have evolved;
  • Tips on defending against ransomware attacks;
  • What tools to leverage in an event of an attack.

Shier, a senior security adviser at Sophos, has more than two decades of cybersecurity experience. He’s passionate about protecting consumers and organizations from advanced threats and conducted extensive research on ransomware and illicit dark web activity, uncovering insights needed to strengthen proactive cybersecurity defenses.


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.