Your ransomware nightmare just came true – now what?

Feature So, the worst has happened. Computer screens all over your org are flashing up a warning that you've been infected by ransomware, or you've got a message that someone's been stealing information from your server.

There's a growing market of firms that advise extortion victims on how to handle the situation, but that just adds another invoice to the injury, and some still prefer to go it alone. In the end, while a few companies do ignore ransom demands outright, all at least assess their options before deciding whether to negotiate, restore from backups, or pay up.

"I believe less than a quarter of the organizations last year that we assisted ended up going on their own and settling with the threat actor," explained Andrew Carr, senior manager of business development with Booz Allen's Commercial Incident Response team.

So how should you proceed?

First ...