A Bag of Spanners – Planning and Preparation

by
spanners and tools

Planning and Preparation – RANSOMWARE PART 2*

Following my article last week, where we looked at the important role “coffee**” has in your cyber security planning and preparation, I am going to follow that up with a series of articles (across the three blogs I regularly write for) looking at how planning and preparation impacts ransomware.

Practice Makes Perfect

The aim of your planning and preparation for ransomware, is to have a neatly bound folder on the shelf, or file in the cloud, or both and be ready for if the worst happens. But how do you get there and how do you know the plan is up to the job? Remember the plan is for sharing if it is going to work.

Get the stake holders involved

During the planning stage, get the people who are involved in using the systems you are trying to protect sitting round the table where the plans are being made. Talking, agendas and lists are essential but one of the more productive and fun ways to create the plan is to role play the different scenarios you come up with. It gives everyone a chance to show what their role in a scenario is, to see what solutions are already in place and to see the gaps in the current set up. I like it as well, as I can sit there and, from my experience, throw the occasional spanner into the works to ripple their complacency that they have everything covered.

And role playing does not end there

At my company we turn the occasional weekly staff meeting into a “this has happened – what are we going to do about it” role playing session. It is an interesting way to reinforce our understanding of an aspect of preparation and planning and to revise it f we find a gap.

Maybe you should try that with your current cyber security, ransomware or business continuity plan – I’d be happy to come along with my bag of spanners to help.

Formal Planning and Preparation Training

However, many managers do not see the value of this type of informal training…

No client, however, has ever disagreed with a formal training session once the plan has been created. People will need to know what to do if an incident happens and what their role and responsibilities are. Video the training sessions and create aide memoirs, as these are useful for your current team and those future new starts.

But remember this…

The plan is not static. The threat landscape changes and you and your plan need to keep up.

Do you read the daily cyber security news on Smart Thinking Solutions or other tech news services?

Next

Minimise the damage.


Clive Catton MSc (Cyber Security) – by-line and other articles

* This article is Part 2 of a short series looking at ransomware. Part 1 is here: Ransomware: Is It A Threat? – Part 1.

** Other hot or cold drinks are available – you choose.

References

Grimes, R. A. (2021). Ransomware protection playbook. John Wiley & Sons, Incorporated.

NCSC. (2023). A guide to ransomware. NCSC. Retrieved February 2, 2023, from https://www.ncsc.gov.uk/ransomware/home

Further Reading

Practice Drinking Coffee* better known as Planning and Preparation

Ransomware Mini-Series (2023)

Ransomware: Is it a Threat? (Part 1)

A Bag of Spanners – Planning and Preparation (Part 2)

Minimise the Damage – Planning and Preparation (Part 3)

Detecting Ransomware (Part 4)

Contact us for consultation

Wake up to cyber threats..

A Bag of Spanners - Planning and Preparation Cyber Awake
HQ Based between Newark and Lincoln

Get in touch

CyberAwake
Unit 2 Kingsley Court
Kingsley Road
Lincoln
LN6 3TA
United Kingdom

01522 508089

useful links

Website Cookies Icon

This website uses cookies to ensure you get the best experience on our website. Click for more information.

accept & Close