Despite your best efforts, there is a good chance your organization will be the victim of a ransomware attack. What do you do when that happens? Organizations need to plan for a ransomware attack. This talk will cover steps organizations can take to prepare for a ransomware attack and review the initial steps after an attack happens. Topics include:

1. What log sources should be collected.
2. Getting the right people involved
3. Testing your IR plan