• Ransomware –
Checklist of Technical
Defenses
• Third party checklist
• Alston & Bird advisories
Preventative Practices
• Sample Executive-level
tabletop exercise
• Sample Board-level
tabletop exercise
• CISA tabletop Ransomware
exercise package
Tabletop Exercises
• Key regulator incident
response plan guidance
and materials
• Sample Enterprise Cyber
Event Response Plan
• Ransomware Playbook
Incident Response Plan+Ransomware Playbook
• Key ransomware third
parties and contact
information
Third-Party Cyber Partners
Ransomware Readiness
• Regulatory guidance on
ransomware (e.g., from OCR
and NYDFS)
• Regulatory reporting
requirements for
ransom/extortion payments
(e.g., NYDFS and CIRCIA)
• Sample materiality
considerations for the SEC’s
cyber disclosure rule
• Form 8-K tracker
Government Guidance & Disclosures
• OFAC guidance
on ransom payment
considerations
Sanctions Screening (OFAC)
• Government alerts
on ransomware threat
actors
Threat
Intelligence
• Key FBI contacts
for ransomware threat
actors
• Law enforcement
criminal actions
Law Enforcement
• Sample crisis
communications
templates
Cyber Crisis Communications
• Key case law and analysis
on privileged engagement
Third-Party Partner Engagement
Ransomware Response