March 11, 2026

Ransomware Attack Response and Policy

In Part 1 of this assignment, you recommend appropriate actions in the wake of a ransomware attack. In Part 2, you propose a policy governing aspects of BC/DR related to these types of attacks.

Preparation
Read BC/DR Plans vs Policy [PDF] Download BC/DR Plans vs Policy [PDF]to better understand the distinction between a BC/DR Plan and a Policy.

Scenario
Imagine that you are the Cybersecurity manager for the hospital in your chosen scenario, and the following transpired:

An employee in the billing department reported clicking on a link in an email. Within minutes, their workstation displays a locked screen Ransom Message (view here) Download Ransom Message (view here).

Text excerpt of the message:

Your Security Operations Center (SOC) confirms this may be an active ransomware incident. Internal monitoring tools show that the unauthorized encryption activity will spread to nearby devices or computers. You have 30 minutes to initiate containment before system-wide access becomes irrecoverable. This includes potential downtime for critical patient care systems.

Instructions
Complete the following 2 parts of this assignment:

Part 1: Disaster Response
Consider the scenario and do the following:

Justify 3 essential response objectives that, if conducted properly in a timely fashion, would effectively mitigate the immediate threat.
Justify the immediate (within 30 minutes) actions you would take to support the stated objectives effectively. Consider:
Team/Personnel roles and responsibilities.
Impacted systems, operations, software, and hardware.
Timeframes, sequences, or parameters observed.
Essential communications (internal and external to the IT department).
Note: State any assumptions you make that support your work.

Part 2: Business Continuity/Disaster Recovery Policy
Note: Work completed here will be used in your Week 10 assignment, Cybersecurity Policy Manual.

Craft policy that effectively governs 4 prevention and/or post-attack practices, procedures, and protocols for ransomware attacks in detail that is sufficient to fully guide relevant BC/DR operations and meet the following criteria:

State a purpose and scope.
Be realistic for the organization’s structure and technical environment.
Comprehensively define enforceable practices, procedures, protocols, and parameters (such as RTO/RPO) for ransomware attacks.
Be written as a formal policy statement (e.g., “All remote devices must use Mobile Device Management (MDM) enforced encryption”) that includes its goals and purposes.
Reference regulatory, procedural, or technology-based solutions (i.e., ISO2700, NIST, HIPAA, etc.).

Collepals.com Plagiarism Free Papers

Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.

Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS

Why Hire Collepals.com writers to do your paper?

Quality- We are experienced and have access to ample research materials.

We write plagiarism Free Content

Confidential- We never share or sell your personal information to third parties.

Support-Chat with us today! We are always waiting to answer all your questions.

Ransomware Attack Response and Policy

Related Posts

Security Assessment Report for Fielder Medical Center

Research cloud computing and explore its advantages and disadvantages

You are the program manager, and you are trying to decide on the best course of action to decrease the incidence and prevalence of the disease selected in IP 2