Heather Pennel

We operate in a world where ransomware is no longer a distant possibility; it’s a “when, not if” scenario for most organizations. Even with strong training and preparation, the pressure of a real incident can make it difficult to think clearly in the moment. That’s why having a well‑structured guide is invaluable. Ransomware events are undoubtedly high‑stress, but they don’t have to spiral into disorder.

I was talking to a friend of mine recently who told me whenever a member of his cybersecurity team calls him, it has to be cameras on and full live background, no filters. At first, I thought he was just talking about a corporate “cameras on” policy, but he soon explained that due to the rise of nation-state attacks, it was imperative that he can see and know that he is talking to his team and not a threat actor using deepfake technology. Maybe you have had this experience in your own business.

Most organizations believe they are prepared for a cyber-crisis until they experience one.  Policies exist, incident response plans are documented, and tools are deployed. However, when a real breach unfolds, leaders often discover the painful truth that being prepared on paper does not mean our behaviors are ready to lead in a crisis. Preparedness on paper does not translate into preparedness in behavior.