Have what it takes
to recover from ransomware?

What are your top priorities when it comes to ransomware recovery? (Pick up to 3)

What steps have you taken to prepare for recovery from ransomware? (check all that apply)

How confident are you in your ability to meet your RTO & RPO objectives in the event of a ransomware attack?

Please select an option High confidence Moderate confidence Low confidence

During recovery from ransomware, my organization has the ability to: (check all that apply)

Filter out malware
Filter out encrypted data
Understand which dataset is safest to restore
None of the above

What level of orchestration and automation do you have for ransomware response and recovery processes? (e.g. Can your system perform actions like quarantining affected resources, or performing recovery scans without IT intervention?)

Please select an option 1 (Mostly manual: we need help to reduce the amount of time needed to recover) 2 3 4 5 (Mostly automated: we can automatically recover the most recent, clean version of every file)

My backups are secured with: (check all that apply)

MFA (multi-factor authentication)
Air gap with off-site/cloud storage
Encryption
Immutability
Access logging
SIEM/SOAR integration

Does your organization conduct penetration tests and vulnerability assessments on your backup infrastructure?

Please select an option Yes No

Does your organization have threat detection and alerting tools implemented for your backup environment and data (e.g. to detect compromised admins or data sets)?

Please select an option Yes No

Can you determine which backups have encrypted or corrupted data once you discover an attack? (i.e. audit logs)

Please select an option Yes No