Conduct risk assessments and penetration tests to determine the attack surface and current state of security resilience and preparedness in terms of tools, processes and skills.
Establish processes and compliance procedures that involve key decision makers in the organisation, even before preparing for the technical response to a ransomware attack.
Conduct frequent exercises and drills to ensure that systems are always able to detect ransomware attacks. Back up not only the data but also every non-standard application and its supporting IT infrastructure. Maintain frequent and reliable backup and recovery capabilities. If online backups are used, ensure they cannot become encrypted by ransomware.
Restrict permissions and deny unauthorised access to devices. Remove local administrator rights from end users and block application installation by standard users, replacing this with a centrally managed software distribution facility.
Research government and regional authorities that have provided guidelines on how organisations can fortify their IT infrastructure against ransomware.
From ‘6 Ways to Defend Against a Ransomware Attack’, Gartner