A ransomware attack certainly qualifies as a disaster. The cause may not be a fire or flood, but your data is at risk of being wiped out.
Cybercriminals behind ransomware schemes want your money, not your data. Unlike other types of malware, the goal of ransomware is not to destroy valuable data but to hold it hostage, so theoretically you can get it back after paying the ransom – if you trust your extortionist.
However, stolen data loses its value as a captive asset if it is easily replaceable.
Perform regular backups of all mission-critical systems and keep them in a parallel IT environment that is offline or safely disconnected from the primary network, thereby negating the threat of ransomware.
Should an endpoint, database, or application become infected, simply wipe it clean or retire the asset and replace it with a new one using the latest backed-up data.
It is also important to have a response plan in place, including a list of all partners, suppliers, and customers who might be affected by the event, and to begin notification immediately.