We’ve talked about real-world cyber incidents, and highlighted some response planning considerations to prepare for them. Now it’s time to spotlight the grueling process of containment and eradication. Organizations who have experienced a ransomware attack report attempting to restore directly back into production 63% of the time. This opens the door to serious risk of re-infection. Given that kind of scale, isolating and removing the threat from affected systems requires a tactical and cooperative effort between IT and security teams.
In this episode of our Cyber Incident Response series, Jason Buffington and Brad Linch from Veeam’s Product Strategy team shed light on the communication, coordination, and triage efforts needed to contain and eradicate malicious activity. Plus, as BC/DR experts, they both have a wealth of experience recovering after disasters. So, bring your stories, best (or worst) practices and questions to the livestream for our penultimate installment of the series.