Lessons Learned from Microsoft’s Ransomware Playbook

• Ransomware represents one of the ultimate disaster recovery scenarios that can test an organization’s overall preparedness.
• All organizations must address the ransomware threat, even though its prevention and mitigation can seem overwhelming.
• Microsoft’s key strategy for managing the ransomware threat is creating and maintaining a centralized ransomware playbook.

No organization is immune from ransomware, regardless of its size, industry, or whether it is privately or publicly held or a government entity. Ransomware is malicious software that effectively stops an organization from functioning by making data and computer systems unavailable, or by threating to release sensitive information exfiltrated from the organization to the public. The effect is like any serious event such as a fire or natural disaster that destroys an organization’s ability to function and tests its disaster recovery preparedness. To protect against such a disaster, Microsoft recommends that each organization develop, maintain, and test a centralized ransomware playbook.