The ransomware playbook,
phase by phase.

Six phases, from the controls you set up long before an attack to the blameless review weeks after. Pick the version that matches your team — the advice changes a lot between a five-person shop and a 300-seat company.

01Preparation02Intrusion03Propagation04Response05Recovery06Post-mortem

Choose your profile

MICRO / SMALL · 1–501–50 seats

For Entrepreneurs

A six-phase walk-through tailored for businesses without a dedicated security team. Recommendations assume a trusted IT partner / MSP, cloud-first tools, and a cyber insurance policy doing the heavy lifting.

Open playbook→

SMALL–MEDIUM · 50–50050–500 seats

For Corporations

A six-phase walk-through tailored for companies with an in-house IT team, basic EDR / MFA controls, and a part-time CISO or vCISO. Assumes a pre-signed DFIR retainer, MSSP / SOC contract, and a real cyber insurance policy with named breach coach.

Open playbook→

The ransomware playbook,phase by phase.

Choose your profile

For Entrepreneurs

For Corporations

The ransomware playbook,
phase by phase.