5 Questions to Ask Yourself Before Creating A Ransomware Recovery Plan

When Will Ransomware Affect The Company?

In today’s digital era, cyber security has become quite a significant matter to businesses and ransomware is one of the most imminent issues of cyber security. Ransomware affects all industries, no matter what your business is. Inevitably, it is only a matter of time before it affects your company. Looking at past attacks that happened to companies, ransomware primarily happens due to poor patch management of the company system. Weak cyber security systems ultimately create loopholes for threat actors to gain access, and thus the attacks. It is important for companies to arrange an extensive plan to guard themselves against ransomware attacks. So, what should you do to protect your company against ransomware and data loss? You can create your ransomware recovery plan by asking 5 essential questions:

  1. Who Will Be Executing The Recovery Plan?
    In the case that ransomware strikes, everyone in the company needs to be proactive and quick to deal with the issue and what to do next. You may have assigned teams to deal with the issue: damage control, damage assessments, and more. The other teams may be busy dealing with the impact of the attack: securing other data or even being in contact with the attackers themselves. While they are at work to identify and rectify the issue, who is in charge to execute the recovery plan and recover the lost data? It is important that you assign key personnel to take the lead to start the recovery process. This way, when the attack happens and things go into chaos, you can still recover the lost data using an effective recovery plan.

  2. What Kind of Data Can Be Recovered?
    Each and every one of your company's data is important. They are valuable assets to your business. However, different data have different priorities and you should be able to separate them according to their importance level. For one, the highest priority data should always be readily saved into the Data Recover (DR) runbook. In the case of ransomware, these urgent data should be recovered first. Thus, the best preparation before any attack happens is to group your data in order of priority, so you can then execute data recovery based on this priority list. Although it seems simple, the order of saving your data has a direct impact on your company’s ability to carry out its operation in the case of a ransomware attack.

  3. How Fast Can Data Be Recovered?
    We understand that it is necessary for you to recover your data as soon as possible to minimize downtime and let your company gets up and running as usual. However, when ransomware happens, your data is attacked and frozen at a particular point in time. So, before it happens, it is ideal to anticipate and back your data up. In DR Planning, this process is often known as the Recovery Point Objective (RPO). You want to question how up-to-date the recovered data is, and how much can you recover in time. In the case that this is not possible, you can either keep trying to find the most recent copy of the data or recover the data further back in time.

  4. Where Was Your Data Infected?
    When a ransom attack happens, the entire environment where data production happens becomes a crime scene. This being said, you cannot reuse the same environment to recover your data and continue your business as usual. So, it is essential to have an isolated, non-infected environment to recover your clean data set. For example, you can recover your data into a hosted environment in a DR-as-a-service partner's data center, or into a hyper-scale cloud provider, such as AWS or Azure. As a company running in today’s digital era, being able to mobilize in these environments after an attack could be the key to keeping your business alive.

  5. How Should You Recover From Cyberattacks and Prevent Future Occurrences?
    Creating an effective recovery plan requires good cooperation and communication within the company to come up with concrete planning. You first need to decide what kind of ransomware is most likely to occur in the future, identify the impact of these attacks, and discuss how you can minimize the impact of these threats on your business operations. When you understand what you are after, it is important to strategize how your business will continue after the ransomware attack. You need to do this with different teams in your company, since different teams may have different issues to tackle. You can also consider an offsite backup from reliable Backup And Disaster Recovery providers.


Now that data has become one of the most valuable assets to businesses, ransomware is becoming more and more scary and appalling. To protect your business, do not wait any longer to start creating a ransomware recovery plan. While hoping that we do not ever have to deal with these issues, you should still be prepared. Recovery plans can help you in the long run, if you happen to encounter ransomware in the future. Adventus is one of the most reliable managed backup service providers in Singapore, assisting you to create foolproof plans against any cyber security issues. From backing up your data to creating the most suitable recovery plans, learn more on how you can protect your company with our experts today.

Recent Posts

Contact Us

Speak to us about your IT needs

Schedule an Appointment

Consult with our Enterprise Account Managers and Specialists