The Walls Have Been Breached! (Now What?)

In an article for Directors & Boards, corporate partners Doug Raymond and Amelia Brett discuss a ransomware attack on a public company, detailing the urgent steps the board and management must take, including securing communication, assessing the situation, obtaining expert advice, deciding whether to pay the ransom, and managing legal, reputational, and operational impacts, all while navigating extreme pressure and tight timelines.

The authors walk through a step-by-step action plan if your company is ever hit with a ransomware attack. Knowing the significance — and some would say inevitability — of a ransomware attack, the very short time frames involved, and the potential customer, stockholder and reputational ramifications, the board should not build this airplane while trying to fly it. Boards should expect such an attack to occur and run real-time practice scenarios to battle-test their readiness and ability to respond to even the most hostile attack.

The full article is available to Directors & Boards subscribers.